Vulnerabilites related to vmware - player
var-201004-0982
Vulnerability from variot
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. When the vmrun tool lists processes, it will cause arbitrary code to be executed with elevated privileges. Multiple VMware products are prone to a local privilege-escalation vulnerability. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Thomas Toth-Steiner. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
This vulnerability is present only on Windows Guest Operating
Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any not affected
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x any 2.5.4 build 246459 or later
ACE 2.6.x Windows not affected
ACE 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any 2.0.2 build 203138 or later
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.6 build 246742 or later
ESXi 4.0 ESXi ESXi400-201002402-BG
ESXi 3.5 ESXi ESXe350-200912401-T-BG or later
ESX 4.0 ESX ESX400-201002401-BG
ESX 3.5 ESX ESX350-200912401-BG
ESX 3.0.3 ESX ESX303-201002203-UG
ESX 2.5.5 ESX Upgrade Patch 15
b. Windows-based VMware Tools Arbitrary Code Execution vulnerability
A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user. This
vulnerability is present only on Windows Guest Operating Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x any 2.5.4 build 246459 or later
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion any any Mac OS/X not affected
ESXi any ESXi not applicable
ESX any ESX not applicable
e. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.x Linux not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x Windows not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any any not affected
ESX any any not affected
h. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
i.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
For more information see vulnerabilities #3 through #7 in: SA39206
SOLUTION: Restrict local access to trusted users only. Do not open untrusted images or video files.
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).
Workaround
There is no known workaround at this time. We recommend that users unmerge VMware Server:
# emerge --unmerge "app-emulation/vmware-server"
References
[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: VMware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA39206
VERIFY ADVISORY: http://secunia.com/advisories/39206/
DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.
NOTE: This vulnerability cannot be exploited without administrative privileges on recent Windows versions (e.g. Windows XP and Windows Vista).
3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.
For more information: SA35346
4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.
For more information: SA36712
5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.
For more information: SA39201
SOLUTION: Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research
The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner
ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/
OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/
SA36712: http://secunia.com/advisories/36712/
SA36988: http://secunia.com/advisories/36988/
SA39198: http://secunia.com/advisories/39198/
SA39201: http://secunia.com/advisories/39201/
SA39203: http://secunia.com/advisories/39203/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0982",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.6"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.5"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.4"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "vix api",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "1.6.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "vix api",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "1.6.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "1.6.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "2.0.6246742"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "1.7"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "vix api",
"version": "1.6.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "vix api",
"version": "1.6.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.6"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6196839"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2147997"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "vix api",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.7"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "fusion build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.7246742"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"db": "BID",
"id": "39407"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:vix_api",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1139",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2010-1139",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1139",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-1139",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-158",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1139",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. When the vmrun tool lists processes, it will cause arbitrary code to be executed with elevated privileges. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thomas Toth-Steiner. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. \n This vulnerability is present only on Windows Guest Operating\n Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to lure the user that is logged on a Windows Guest\n Operating System to click on the attacker\u0027s file on a network\n share. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any not affected\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x any 2.5.4 build 246459 or later\n\n ACE 2.6.x Windows not affected\n ACE 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any 2.0.2 build 203138 or later\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.6 build 246742 or later\n\n ESXi 4.0 ESXi ESXi400-201002402-BG\n ESXi 3.5 ESXi ESXe350-200912401-T-BG or later\n\n ESX 4.0 ESX ESX400-201002401-BG\n ESX 3.5 ESX ESX350-200912401-BG\n ESX 3.0.3 ESX ESX303-201002203-UG\n ESX 2.5.5 ESX Upgrade Patch 15\n\n b. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n A vulnerability in the way VMware executables are loaded allows for\n arbitrary code execution in the context of the logged on user. This\n vulnerability is present only on Windows Guest Operating Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not applicable\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x any 2.5.4 build 246459 or later\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion any any Mac OS/X not affected\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n e. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. \n Exploitation of this issue may lead to arbitrary code execution on\n the system where VMrc is installed. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.x Linux not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x Windows not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any any not affected\n\n ESX any any not affected\n\n h. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n i. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nFor more information see vulnerabilities #3 through #7 in:\nSA39206\n\nSOLUTION:\nRestrict local access to trusted users only. Do not open untrusted\nimages or video files. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/vmware-player\n \u003c= 2.5.5.328052 Vulnerable!\n 2 app-emulation/vmware-workstation\n \u003c= 6.5.5.328052 Vulnerable!\n 3 app-emulation/vmware-server\n \u003c= 1.0.9.156507 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 2 ] CVE-2007-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[ 3 ] CVE-2007-5671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[ 4 ] CVE-2008-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[ 5 ] CVE-2008-1340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[ 6 ] CVE-2008-1361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[ 7 ] CVE-2008-1362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[ 8 ] CVE-2008-1363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[ 9 ] CVE-2008-1364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. \n\nNOTE: This vulnerability cannot be exploited without administrative\nprivileges on recent Windows versions (e.g. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1139"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"db": "BID",
"id": "39407"
},
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"db": "PACKETSTORM",
"id": "88508"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1139",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39201",
"trust": 3.2
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "39215",
"trust": 2.6
},
{
"db": "BID",
"id": "39407",
"trust": 2.2
},
{
"db": "OSVDB",
"id": "63606",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1023835",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0571",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7D04E1-463F-11E9-941D-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46D0BBE4-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1139",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88508",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88234",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88233",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"db": "BID",
"id": "39407"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "PACKETSTORM",
"id": "88508"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"id": "VAR-201004-0982",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
}
]
},
"last_update_date": "2024-11-23T20:31:08.808000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/158"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-134",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39201"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39215"
},
{
"trust": 2.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39407"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023835"
},
{
"trust": 1.9,
"url": "http://osvdb.org/63606"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1139"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/39201/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/39206/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/134.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39215/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36988/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36712/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39203/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35346/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"db": "BID",
"id": "39407"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "PACKETSTORM",
"id": "88508"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"db": "BID",
"id": "39407"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"db": "PACKETSTORM",
"id": "88508"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39407"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"date": "2010-04-16T05:45:28",
"db": "PACKETSTORM",
"id": "88508"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2010-04-12T12:34:16",
"db": "PACKETSTORM",
"id": "88234"
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012"
},
{
"date": "2010-04-12T12:34:14",
"db": "PACKETSTORM",
"id": "88233"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"date": "2010-04-12T18:30:00.587000",
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0571"
},
{
"date": "2013-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1139"
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39407"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001367"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-158"
},
{
"date": "2024-11-21T01:13:44.077000",
"db": "NVD",
"id": "CVE-2010-1139"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "39407"
},
{
"db": "PACKETSTORM",
"id": "88508"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMWare VIX API vmrun Tool Format String Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0571"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Format string",
"sources": [
{
"db": "IVD",
"id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
},
{
"db": "IVD",
"id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-158"
}
],
"trust": 1.0
}
}
var-200609-1220
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1220",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 5.13
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "BID",
"id": "20246",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200609-1220",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-04T21:47:50.419000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.7,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
var-201004-0267
Vulnerability from variot
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. plural VMware Product virtual network stack host OS A vulnerability exists in which important information is obtained from the above memory.Hosted by a third party OS Important information may be obtained from the above memory. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. VMWare products do not implement the virtual network stack correctly. Users on the guest operating system can obtain partial memory from the host's vmware-vmx process. Multiple VMware-hosted products are prone to an information-disclosure vulnerability. This can allow the attackers to harvest potentially sensitive information that can aid in further attacks. The following applications are vulnerable: Workstation Player ACE Server Fusion NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: VMware Server Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA39215
VERIFY ADVISORY: http://secunia.com/advisories/39215/
DESCRIPTION: Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.
For more information see vulnerabilities #3 through #7 in: SA39206
SOLUTION: Restrict local access to trusted users only. Do not open untrusted images or video files.
ORIGINAL ADVISORY: VMSA-2010-0007: http://lists.vmware.com/pipermail/security-announce/2010/000090.html
OTHER REFERENCES: SA39206: http://secunia.com/advisories/39206/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
- Summary
VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. Windows-based VMware Tools Arbitrary Code Execution vulnerability
A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below. VMware Remote Console format string vulnerability
VMware Remote Console (VMrc) contains a format string vulnerability.
Exploitation of this issue may lead to arbitrary code execution on
the system where VMrc is installed.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0267",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fusion",
"scope": "eq",
"trust": 3.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "player",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.6"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.4"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.5"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "3.0"
},
{
"model": "workstation for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5"
},
{
"model": "workstation for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "player for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6196839"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2147997"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "workstation for linux build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.0.1227600"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player for linux build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1227600"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "fusion build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1232708"
},
{
"model": "fusion build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.7246742"
},
{
"model": "ace build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6.1227600"
},
{
"model": "ace build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "BID",
"id": "39395"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1138",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-1138",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.9,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-1138",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-157",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-1138",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. plural VMware Product virtual network stack host OS A vulnerability exists in which important information is obtained from the above memory.Hosted by a third party OS Important information may be obtained from the above memory. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. VMWare products do not implement the virtual network stack correctly. Users on the guest operating system can obtain partial memory from the host\u0027s vmware-vmx process. Multiple VMware-hosted products are prone to an information-disclosure vulnerability. This can allow the attackers to harvest potentially sensitive information that can aid in further attacks. \nThe following applications are vulnerable:\nWorkstation\nPlayer\nACE\nServer\nFusion\nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Server Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39215\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39215/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in VMware Server, which can\nbe exploited by malicious, local users to disclose sensitive\ninformation or gain escalated privileges, and by malicious people to\ndisclose sensitive information, cause a DoS (Denial of Service), or\npotentially compromise a user\u0027s system. \n\nFor more information see vulnerabilities #3 through #7 in:\nSA39206\n\nSOLUTION:\nRestrict local access to trusted users only. Do not open untrusted\nimages or video files. \n\nORIGINAL ADVISORY:\nVMSA-2010-0007:\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nOTHER REFERENCES:\nSA39206:\nhttp://secunia.com/advisories/39206/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. Summary\n\n VMware hosted products, vCenter Server and ESX patches resolve\n multiple security issues. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n A vulnerability in the way VMware executables are loaded allows for\n arbitrary code execution in the context of the logged on user. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n Vulnerabilities in the decoder allow for execution of arbitrary\n code with the privileges of the user running an application\n utilizing the vulnerable codec. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. VMware Remote Console format string vulnerability\n\n VMware Remote Console (VMrc) contains a format string vulnerability. \n Exploitation of this issue may lead to arbitrary code execution on\n the system where VMrc is installed. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88215"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1138",
"trust": 3.9
},
{
"db": "SECUNIA",
"id": "39203",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "39215",
"trust": 2.6
},
{
"db": "BID",
"id": "39395",
"trust": 2.2
},
{
"db": "OSVDB",
"id": "63607",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2010-0572",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1023836",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366",
"trust": 0.8
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7CB6C1-463F-11E9-973F-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46D9D18E-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88234",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88215"
}
]
},
"id": "VAR-201004-0267",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
}
]
},
"last_update_date": "2021-12-18T23:56:55.293000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/157"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39203"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39215"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39395"
},
{
"trust": 1.9,
"url": "http://osvdb.org/63607"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023836"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1138"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39215/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88215"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88215"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-12T18:30:00",
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39395"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"date": "2010-04-12T12:34:16",
"db": "PACKETSTORM",
"id": "88234"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-15T03:07:00",
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"date": null,
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"date": null,
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39395"
},
{
"date": "2013-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"date": null,
"db": "PACKETSTORM",
"id": "88234"
},
{
"date": null,
"db": "PACKETSTORM",
"id": "88215"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMWare product vmware-vmx Virtual Network Stack Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
}
],
"trust": 0.6
}
}
var-200609-0811
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0811",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-0811",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-24T20:40:33.057000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2024-11-21T00:12:26.670000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0367
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. OpenSSL Security Advisory [28th September 2006]
New OpenSSL releases are now available to correct four security issues.
ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)
Vulnerability
Dr. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. Henson of the OpenSSL core team and Open Network Security is credited with the discovery of this vulnerability. He created the test suite that uncovered this issue.",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937). (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-27T20:04:03.035000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2024-11-21T00:12:26.670000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
}
}
var-200110-0206
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0206",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 5.31
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "BID",
"id": "20246",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0206",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-18T20:45:50.760000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
}
}
var-200110-0192
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1173-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans September 10th, 2006 http://www.debian.org/security/faq
Package : openssl Problem-Type : local Vulnerability : Cryptographic weakness Debian-specific: no CVE ID : CVE-2006-4339 BugTraq ID : 19849 Debian Bug : 386247
Daniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.
For the stable distribution (sarge) this problem has been fixed in version 0.9.7e-3sarge2
For the unstable distribution (sid) this problem has been fixed in version 0.9.8b-3
We recommend that you upgrade your openssl packages. Note that services linking against the openssl shared libraries will need to be restarted. Common examples of such services include most Mail Transport Agents, SSH servers, and web servers.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.dsc
Size/MD5 checksum: 639 a6d3c0f1fae595b8c2f7a45ca76dff1f
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.diff.gz
Size/MD5 checksum: 27435 16d02ad2e1e531617e5d533553340a83
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz
Size/MD5 checksum: 3043231 a8777164bca38d84e5eb2b1535223474
Alpha architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_alpha.deb
Size/MD5 checksum: 3339496 917761204c442b6470cc84364a1d5227
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_alpha.deb
Size/MD5 checksum: 2445696 6d894629524dcefbefa0f813cb588bef
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_alpha.deb
Size/MD5 checksum: 929948 117af21021dfea510ac09e9a09c1dfd9
AMD64 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_amd64.deb
Size/MD5 checksum: 2693336 c45662184c5ed338e179f3ec5e39289e
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_amd64.deb
Size/MD5 checksum: 769324 e216b2d3b89634457906140fcff4c5ac
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_amd64.deb
Size/MD5 checksum: 903454 52d2ce0e5d967ca1a77a33f9417fd798
ARM architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_arm.deb
Size/MD5 checksum: 2555074 fd529ad701cfbbde50845aa3e0ba4d5e
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_arm.deb
Size/MD5 checksum: 689548 a626529a0d9f52d069e6fcb1ec3a2513
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_arm.deb
Size/MD5 checksum: 893880 58bcc0001bf7e014b6a1d7ab9849cf2c
HP Precision architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_hppa.deb
Size/MD5 checksum: 2694850 7dd819a9adddc660268d260df3e8cea2
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_hppa.deb
Size/MD5 checksum: 790570 06a37ff4879fab7ee26ac35f6526d7c3
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_hppa.deb
Size/MD5 checksum: 914188 74e469de973e495e93455816587b63db
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_i386.deb
Size/MD5 checksum: 2553346 946eaef80a1dc82af47e10d4913153b3
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_i386.deb
Size/MD5 checksum: 2262628 a4e5d09c7086373d2a76370c71542ce0
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_i386.deb
Size/MD5 checksum: 908336 e850093346e148d2132d59db3184d398
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_ia64.deb
Size/MD5 checksum: 3394850 a43e3948b612ea7b48cdcb267fb26ef5
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_ia64.deb
Size/MD5 checksum: 1037694 e4cda7f8044cbc72ebbef123124461ea
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_ia64.deb
Size/MD5 checksum: 974802 a6dcd78bc35ca46bb21ac24ac1ccde1b
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_m68k.deb
Size/MD5 checksum: 2316460 403eae3e2c3f396a0e789069e8896036
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_m68k.deb
Size/MD5 checksum: 661108 eeb8f5b59f10b7c5ed5187f25b1505e6
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_m68k.deb
Size/MD5 checksum: 889522 07baf9c082693a1bbf7d81d49f5dd216
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mips.deb
Size/MD5 checksum: 2778514 ef833284a26b9ad69eb22c169dcb822f
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mips.deb
Size/MD5 checksum: 705952 57a2075ffd4746c1c989c06be4e5587e
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mips.deb
Size/MD5 checksum: 896456 0d93ca64cbc1608c5a8345a574b47ada
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mipsel.deb
Size/MD5 checksum: 2766270 1d197335ffe887e31525c04466dfd66c
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mipsel.deb
Size/MD5 checksum: 693836 45f358db6b4e149982a16cced46eb1d7
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mipsel.deb
Size/MD5 checksum: 895636 60f63815017772f9dcbcfce2d8aa9138
PowerPC architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_powerpc.deb
Size/MD5 checksum: 2774840 012631d48936597d2bdb35a2c9e597cc
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_powerpc.deb
Size/MD5 checksum: 778946 3e0d5b50e5c3a1b00faf6c7c18a8ac4f
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_powerpc.deb
Size/MD5 checksum: 908016 8bfe8de155f113aef3edca883cd72dac
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_s390.deb
Size/MD5 checksum: 2716386 e8744dd7d49acabdd664bdd505e9efae
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_s390.deb
Size/MD5 checksum: 813542 05846cc017a99f250d8104c406f2a609
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_s390.deb
Size/MD5 checksum: 918208 f78b15dae8f8072339e601793707c4eb
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_sparc.deb
Size/MD5 checksum: 2629368 4532f9940cf010b00b0d1404c11f9da5
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_sparc.deb
Size/MD5 checksum: 1884394 f7a8f112bb7e09c8c1dacc68c923cd40
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_sparc.deb
Size/MD5 checksum: 924208 a5e3e93b474e23a0f858eaa3a329d2de
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFBAPBXm3vHE4uyloRAi3GAKDGgqkwyRLRWlGMVZCCaUAqoW/GZwCePsIu B9S76g6dsDiigQZAK709Qmk= =lxOo -----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: OpenOffice.org 3 Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA38568
VERIFY ADVISORY: http://secunia.com/advisories/38568/
DESCRIPTION: Some vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a user's system.
1) The included libxml2 library fails to properly verify signatures.
This is related to: SA21709
2) An error in the included libxmlsec library can be exploited to potentially forge a valid signature.
For more information: SA35854
3) An error in the included MSVC Runtime package can be exploited to bypass certain security features.
For more information see vulnerability #2 in: SA35967
4) An error in the processing XPM files can be exploited to potentially execute arbitrary code.
5) An error in the processing GIF files can be exploited to potentially execute arbitrary code.
6) An error in the processing of Word documents can be exploited to potentially execute arbitrary code.
SOLUTION: Update to version 3.2.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 4) Sebastian Apelt of siberas 5) Frank Rei\xdfner and Sebastian Apelt of siberas 6) Nicolas Joly of Vupen
ORIGINAL ADVISORY: http://www.openoffice.org/security/cves/CVE-2006-4339.html http://www.openoffice.org/security/cves/CVE-2009-0217.html http://www.openoffice.org/security/cves/CVE-2009-2493.html http://www.openoffice.org/security/cves/CVE-2009-2949.html http://www.openoffice.org/security/cves/CVE-2009-2950.html http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html
OTHER REFERENCES: SA21709: http://secunia.com/advisories/21709/
SA35854: http://secunia.com/advisories/35854/
SA35967: http://secunia.com/advisories/35967/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0192",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1173-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans \nSeptember 10th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : openssl\nProblem-Type : local\nVulnerability : Cryptographic weakness\nDebian-specific: no\nCVE ID : CVE-2006-4339\nBugTraq ID : 19849\nDebian Bug : 386247\n\nDaniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package\nthat could allow an attacker to generate a forged signature that OpenSSL\nwill accept as valid. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7e-3sarge2\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.9.8b-3\n\nWe recommend that you upgrade your openssl packages. Note that services\nlinking against the openssl shared libraries will need to be restarted. \nCommon examples of such services include most Mail Transport Agents, SSH\nservers, and web servers. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.dsc\n Size/MD5 checksum: 639 a6d3c0f1fae595b8c2f7a45ca76dff1f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.diff.gz\n Size/MD5 checksum: 27435 16d02ad2e1e531617e5d533553340a83\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz\n Size/MD5 checksum: 3043231 a8777164bca38d84e5eb2b1535223474\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_alpha.deb\n Size/MD5 checksum: 3339496 917761204c442b6470cc84364a1d5227\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_alpha.deb\n Size/MD5 checksum: 2445696 6d894629524dcefbefa0f813cb588bef\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_alpha.deb\n Size/MD5 checksum: 929948 117af21021dfea510ac09e9a09c1dfd9\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_amd64.deb\n Size/MD5 checksum: 2693336 c45662184c5ed338e179f3ec5e39289e\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_amd64.deb\n Size/MD5 checksum: 769324 e216b2d3b89634457906140fcff4c5ac\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_amd64.deb\n Size/MD5 checksum: 903454 52d2ce0e5d967ca1a77a33f9417fd798\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_arm.deb\n Size/MD5 checksum: 2555074 fd529ad701cfbbde50845aa3e0ba4d5e\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_arm.deb\n Size/MD5 checksum: 689548 a626529a0d9f52d069e6fcb1ec3a2513\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_arm.deb\n Size/MD5 checksum: 893880 58bcc0001bf7e014b6a1d7ab9849cf2c\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_hppa.deb\n Size/MD5 checksum: 2694850 7dd819a9adddc660268d260df3e8cea2\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_hppa.deb\n Size/MD5 checksum: 790570 06a37ff4879fab7ee26ac35f6526d7c3\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_hppa.deb\n Size/MD5 checksum: 914188 74e469de973e495e93455816587b63db\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_i386.deb\n Size/MD5 checksum: 2553346 946eaef80a1dc82af47e10d4913153b3\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_i386.deb\n Size/MD5 checksum: 2262628 a4e5d09c7086373d2a76370c71542ce0\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_i386.deb\n Size/MD5 checksum: 908336 e850093346e148d2132d59db3184d398\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_ia64.deb\n Size/MD5 checksum: 3394850 a43e3948b612ea7b48cdcb267fb26ef5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_ia64.deb\n Size/MD5 checksum: 1037694 e4cda7f8044cbc72ebbef123124461ea\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_ia64.deb\n Size/MD5 checksum: 974802 a6dcd78bc35ca46bb21ac24ac1ccde1b\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_m68k.deb\n Size/MD5 checksum: 2316460 403eae3e2c3f396a0e789069e8896036\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_m68k.deb\n Size/MD5 checksum: 661108 eeb8f5b59f10b7c5ed5187f25b1505e6\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_m68k.deb\n Size/MD5 checksum: 889522 07baf9c082693a1bbf7d81d49f5dd216\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mips.deb\n Size/MD5 checksum: 2778514 ef833284a26b9ad69eb22c169dcb822f\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mips.deb\n Size/MD5 checksum: 705952 57a2075ffd4746c1c989c06be4e5587e\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mips.deb\n Size/MD5 checksum: 896456 0d93ca64cbc1608c5a8345a574b47ada\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mipsel.deb\n Size/MD5 checksum: 2766270 1d197335ffe887e31525c04466dfd66c\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mipsel.deb\n Size/MD5 checksum: 693836 45f358db6b4e149982a16cced46eb1d7\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mipsel.deb\n Size/MD5 checksum: 895636 60f63815017772f9dcbcfce2d8aa9138\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_powerpc.deb\n Size/MD5 checksum: 2774840 012631d48936597d2bdb35a2c9e597cc\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_powerpc.deb\n Size/MD5 checksum: 778946 3e0d5b50e5c3a1b00faf6c7c18a8ac4f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_powerpc.deb\n Size/MD5 checksum: 908016 8bfe8de155f113aef3edca883cd72dac\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_s390.deb\n Size/MD5 checksum: 2716386 e8744dd7d49acabdd664bdd505e9efae\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_s390.deb\n Size/MD5 checksum: 813542 05846cc017a99f250d8104c406f2a609\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_s390.deb\n Size/MD5 checksum: 918208 f78b15dae8f8072339e601793707c4eb\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_sparc.deb\n Size/MD5 checksum: 2629368 4532f9940cf010b00b0d1404c11f9da5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_sparc.deb\n Size/MD5 checksum: 1884394 f7a8f112bb7e09c8c1dacc68c923cd40\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_sparc.deb\n Size/MD5 checksum: 924208 a5e3e93b474e23a0f858eaa3a329d2de\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n\n\n\n\n\n\n\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFBAPBXm3vHE4uyloRAi3GAKDGgqkwyRLRWlGMVZCCaUAqoW/GZwCePsIu\nB9S76g6dsDiigQZAK709Qmk=\n=lxOo\n-----END PGP SIGNATURE-----\n\n. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOpenOffice.org 3 Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA38568\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38568/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in OpenOffice.org, which can\nbe exploited by malicious people to bypass certain security\nrestrictions, conduct spoofing attacks, or compromise a user\u0027s\nsystem. \n\n1) The included libxml2 library fails to properly verify signatures. \n\nThis is related to:\nSA21709\n\n2) An error in the included libxmlsec library can be exploited to\npotentially forge a valid signature. \n\nFor more information:\nSA35854\n\n3) An error in the included MSVC Runtime package can be exploited to\nbypass certain security features. \n\nFor more information see vulnerability #2 in:\nSA35967\n\n4) An error in the processing XPM files can be exploited to\npotentially execute arbitrary code. \n\n5) An error in the processing GIF files can be exploited to\npotentially execute arbitrary code. \n\n6) An error in the processing of Word documents can be exploited to\npotentially execute arbitrary code. \n\nSOLUTION:\nUpdate to version 3.2. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n4) Sebastian Apelt of siberas\n5) Frank Rei\\xdfner and Sebastian Apelt of siberas\n6) Nicolas Joly of Vupen\n\nORIGINAL ADVISORY:\nhttp://www.openoffice.org/security/cves/CVE-2006-4339.html\nhttp://www.openoffice.org/security/cves/CVE-2009-0217.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2493.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2949.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2950.html\nhttp://www.openoffice.org/security/cves/CVE-2009-3301-3302.html\n\nOTHER REFERENCES:\nSA21709:\nhttp://secunia.com/advisories/21709/\n\nSA35854:\nhttp://secunia.com/advisories/35854/\n\nSA35967:\nhttp://secunia.com/advisories/35967/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "PACKETSTORM",
"id": "86249"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 1.5
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "49927",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86249",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200110-0192",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2024-08-16T20:58:33.472000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.4,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.diff.gz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2493.html"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-0217.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35854/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-3301-3302.html"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2950.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2949.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35967/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-09-13T07:37:56",
"db": "PACKETSTORM",
"id": "49927"
},
{
"date": "2010-02-12T15:35:11",
"db": "PACKETSTORM",
"id": "86249"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
var-201011-0251
Vulnerability from variot
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o). OpenSSL is prone to a heap-based buffer-overflow vulnerability because the library fails to properly perform bounds-checks on user-supplied input before copying it to an insufficiently sized memory buffer. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of applications that use the affected library, but this has not been confirmed. Failed exploit attempts may crash applications, denying service to legitimate users. OpenSSL 0.9.8f to 0.9.8o, 1.0.0, and 1.0.0a are vulnerable. NOTE: This issue affects servers which are multi-threaded and use OpenSSL's internal caching mechanism. Multi-processed servers or servers with disabled internal caching (like Apache HTTP server and Stunnel) are not affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2011-0003 Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-02-10 Updated on: 2011-02-10 (initial release of advisory) CVE numbers: --- Apache Tomcat --- CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2010-2227 CVE-2010-1157 --- Apache Tomcat Manager --- CVE-2010-2928 --- cURL --- CVE-2010-0734 --- COS Kernel --- CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0307 CVE-2010-1086 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1173 CVE-2010-1437 CVE-2010-1088 CVE-2010-1187 CVE-2010-1436 CVE-2010-1641 CVE-2010-3081 --- Microsoft SQL Express --- CVE-2008-5416 CVE-2008-0085 CVE-2008-0086 CVE-2008-0107 CVE-2008-0106 --- OpenSSL --- CVE-2010-0740 CVE-2010-0433 CVE-2010-3864 CVE-2010-2939 --- Oracle (Sun) JRE --- CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-3556 CVE-2010-3566 CVE-2010-3567 CVE-2010-3550 CVE-2010-3561 CVE-2010-3573 CVE-2010-3565 CVE-2010-3568 CVE-2010-3569 CVE-2010-1321 CVE-2010-3548 CVE-2010-3551 CVE-2010-3562 CVE-2010-3571 CVE-2010-3554 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3574 --- pam_krb5 --- CVE-2008-3825 CVE-2009-1384
- Summary
Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues.
- Relevant releases
vCenter Server 4.1 without Update 1,
vCenter Update Manager 4.1 without Update 1,
ESXi 4.1 without patch ESXi410-201101201-SG,
ESX 4.1 without patch ESX410-201101201-SG.
- Problem Description
a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3
Microsoft SQL Server 2005 Express Edition (SQL Express)
distributed with vCenter Server 4.1 Update 1 and vCenter Update
Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2
to SQL Express Service Pack 3, to address multiple security
issues that exist in the earlier releases of Microsoft SQL Express.
Customers using other database solutions need not update for
these issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086,
CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL
Express Service Pack 3.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows affected, no patch planned
Update Manager 4.1 Windows Update 1
Update Manager 4.0 Windows affected, patch pending
Update Manager 1.0 Windows affected, no patch planned
hosted * any any not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Hosted products are VMware Workstation, Player, ACE, Fusion.
b. vCenter Apache Tomcat Management Application Credential Disclosure
The Apache Tomcat Manager application configuration file contains
logon credentials that can be read by unprivileged local users.
The issue is resolved by removing the Manager application in
vCenter 4.1 Update 1.
If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon
credentials are not present in the configuration file after the
update.
VMware would like to thank Claudio Criscione of Secure Networking
for reporting this issue to us.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-2928 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows not affected
VirtualCenter 2.5 Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX any ESX not affected
- hosted products are VMware Workstation, Player, ACE, Fusion.
c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21
Oracle (Sun) JRE update to version 1.6.0_21, which addresses
multiple security issues that existed in earlier releases of
Oracle (Sun) JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082,
CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088,
CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092,
CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,
CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,
CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845,
CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849,
CVE-2010-0850.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following name to the security issue fixed in
Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows not applicable **
VirtualCenter 2.5 Windows not applicable **
Update Manager 4.1 Windows not applicable **
Update Manager 4.0 Windows not applicable **
Update Manager 1.0 Windows not applicable **
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX not applicable **
ESX 3.5 ESX not applicable **
ESX 3.0.3 ESX not applicable **
- hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family
d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26
Oracle (Sun) JRE update to version 1.5.0_26, which addresses
multiple security issues that existed in earlier releases of
Oracle (Sun) JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566,
CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573,
CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555,
CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562,
CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572,
CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541,
CVE-2010-3574.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows not applicable **
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows affected, no patch planned
Update Manager 4.1 Windows Update 1
Update Manager 4.0 Windows affected, patch pending
Update Manager 1.0 Windows affected, no patch planned
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX not applicable **
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX affected, no patch planned
ESX 3.0.3 ESX affected, no patch planned
- hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family
e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28
Apache Tomcat updated to version 6.0.28, which addresses multiple
security issues that existed in earlier releases of Apache Tomcat
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i
and CVE-2009-3548.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows not applicable **
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not applicable **
ESX 3.0.3 ESX not applicable **
- hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Apache Tomcat 5.5 family
f. vCenter Server third party component OpenSSL updated to version 0.9.8n
The version of the OpenSSL library in vCenter Server is updated to
0.9.8n.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0740 and CVE-2010-0433 to the
issues addressed in this version of OpenSSL.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows affected, no patch planned
hosted * any any not applicable
ESXi any ESXi not applicable
ESX any ESX not applicable
- hosted products are VMware Workstation, Player, ACE, Fusion.
g. ESX third party component OpenSSL updated to version 0.9.8p
The version of the ESX OpenSSL library is updated to 0.9.8p.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-3864 and CVE-2010-2939 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi 4.1 ESXi ESXi410-201101201-SG
ESXi 4.0 ESXi affected, patch pending
ESXi 3.5 ESXi affected, patch pending
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
- hosted products are VMware Workstation, Player, ACE, Fusion.
h. ESXi third party component cURL updated
The version of cURL library in ESXi is updated.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-0734 to the issues addressed in
this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi 4.1 ESXi ESXi410-201101201-SG
ESXi 4.0 ESXi affected, patch pending
ESXi 3.5 ESXi affected, patch pending
ESX any ESX not applicable
- hosted products are VMware Workstation, Player, ACE, Fusion.
i. ESX third party component pam_krb5 updated
The version of pam_krb5 library is updated.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-3825 and CVE-2009-1384 to the
issues addressed in the update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
- hosted products are VMware Workstation, Player, ACE, Fusion.
j. ESX third party update for Service Console kernel
The Service Console kernel is updated to include kernel version
2.6.18-194.11.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070,
CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524,
CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308,
CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086,
CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291,
CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437,
CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and
CVE-2010-3081 to the issues addressed in the update.
Note: This update also addresses the 64-bit compatibility mode
stack pointer underflow issue identified by CVE-2010-3081. This
issue was patched in an ESX 4.1 patch prior to the release of
ESX 4.1 Update 1.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
-
hosted products are VMware Workstation, Player, ACE, Fusion.
-
Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware vCenter Server 4.1 Update 1 and modules
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html
File type: .iso md5sum: 729cf247aa5d33ceec431c86377eee1a sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0
File type: .zip md5sum: fd1441bef48a153f2807f6823790e2f0 sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19
VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4
ESXi 4.1 Installable Update 1
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes:
http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html http://kb.vmware.com/kb/1027919
File type: .iso MD5SUM: d68d6c2e040a87cd04cd18c04c22c998 SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64
ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1) File type: .zip MD5SUM: 2f1e009c046b20042fae3b7ca42a840f SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1
ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0) File type: .zip MD5SUM: 67b924618d196dafaf268a7691bd1a0f SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516
ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5) File type: .zip MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4 SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488
VMware Tools CD image for Linux Guest OSes File type: .iso MD5SUM: dad66fa8ece1dd121c302f45444daa70 SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af
VMware vSphere Client File type: .exe MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4
ESXi Installable Update 1 contains the following security bulletins: ESXi410-201101201-SG.
ESX 4.1 Update 1
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes:
http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html http://kb.vmware.com/kb/1029353
ESX 4.1 Update 1 (DVD ISO) File type: .iso md5sum: b9a275b419a20c7bedf31c0bf64f504e sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11
ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1) File type: .zip md5sum: 2d81a87e994aa2b329036f11d90b4c14 sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798
Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1 File type: .zip md5sum: 75f8cebfd55d8a81deb57c27def963c2 sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2
ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0) File type: .zip md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2 sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922
VMware Tools CD image for Linux Guest OSes File type: .iso md5sum: dad66fa8ece1dd121c302f45444daa70 sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af
VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4
ESX410-Update01 contains the following security bulletins: ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL, Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904 ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330
ESX410-Update01 also contains the following non-security bulletins ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG, ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG, ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG, ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG, ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG, ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG.
To install an individual bulletin use esxupdate with the -b option.
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574
- Change log
2011-02-10 VMSA-2011-0003 Initial security advisory in conjunction with the release of vCenter Server 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1 Update 1, and ESX 4.1 Update 1 on 2011-02-10.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2011 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9 dxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX =2pVj -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824483 Version: 1
HPSBOV02670 SSRT100475 rev.1 - HP OpenVMS running SSL, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), Unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses.
References: CVE-2011-0014, CVE-2010-4180, CVE-2010-4252, CVE-2010-3864
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP SSL for OpenVMS v 1.4 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-4180 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2010-4252 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-3864 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
HP SSL V1.4-453 for OpenVMS Alpha and OpenVMS Integrity servers: http://h71000.www7.hp.com/openvms/products/ssl/ssl.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-01
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 09, 2011 Bugs: #303739, #308011, #322575, #332027, #345767, #347623, #354139, #382069 ID: 201110-01
Synopsis
Multiple vulnerabilities were found in OpenSSL, allowing for the execution of arbitrary code and other attacks.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.0e >= 1.0.0e
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.
Impact
A context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0e"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues.
References
[ 1 ] CVE-2009-3245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245 [ 2 ] CVE-2009-4355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355 [ 3 ] CVE-2010-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433 [ 4 ] CVE-2010-0740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740 [ 5 ] CVE-2010-0742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742 [ 6 ] CVE-2010-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633 [ 7 ] CVE-2010-2939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939 [ 8 ] CVE-2010-3864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864 [ 9 ] CVE-2010-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180 [ 10 ] CVE-2010-4252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252 [ 11 ] CVE-2011-0014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014 [ 12 ] CVE-2011-3207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207 [ 13 ] CVE-2011-3210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2125-1 security@debian.org http://www.debian.org/security/ Stefan Fritsch November 22, 2010 http://www.debian.org/security/faq
Package : openssl Vulnerability : buffer overflow Problem type : remote Debian-specific: no Debian Bug : 603709 CVE Id(s) : CVE-2010-3864
A flaw has been found in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack.
This upgrade fixes this issue. After the upgrade, any services using the openssl libraries need to be restarted. The checkrestart script from the debian-goodies package or lsof can help to find out which services need to be restarted.
A note to users of the tor packages from the Debian backports or Debian volatile: This openssl update causes problems with some versions of tor. You need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2, respectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable is not affected by these problems.
For the stable distribution (lenny), the problem has been fixed in openssl version 0.9.8g-15+lenny9.
For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 0.9.8o-3.
We recommend that you upgrade your openssl packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.dsc Size/MD5 checksum: 1973 1efb69f23999507bf2e74f5b848744af http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.diff.gz Size/MD5 checksum: 60451 9aba44ed40b0c9c8ec82bd6cd33c44b8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_alpha.deb Size/MD5 checksum: 2583248 3b3f0cbec4ec28eb310466237648db8f http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_alpha.deb Size/MD5 checksum: 1028998 79fe8cdd601aecd9f956033a04fb8da5 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_alpha.udeb Size/MD5 checksum: 722114 a388304bf86381229c306e79a5e85bf8 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_alpha.deb Size/MD5 checksum: 2814160 e0f6fc697f5e9c87b44aa15eb58c3ea8 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_alpha.deb Size/MD5 checksum: 4369318 c3cf8c7ec27f86563c34f45e986e17c4
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_amd64.deb Size/MD5 checksum: 975850 778916e8b0df8e216121cd5185d7ca43 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_amd64.deb Size/MD5 checksum: 2243180 ff6a898ccd6fb49d5fbec9f4bd3cb6da http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_amd64.udeb Size/MD5 checksum: 638414 9ea111d66ac5f394d35fb69defa5dd27 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_amd64.deb Size/MD5 checksum: 1627632 9f08e1da5cf9279cee4700e89dc6ee6d http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_amd64.deb Size/MD5 checksum: 1043320 9ada82a7417c0d714a38c3a7184c2401
arm architecture (ARM)
http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_arm.udeb Size/MD5 checksum: 536038 a9c90bb3ad326fa43c1285c1768df046 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_arm.deb Size/MD5 checksum: 2087048 bded4e624fcf0791ae0885aa18d99123 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_arm.deb Size/MD5 checksum: 1028894 20784774078f02ef7e9db2ddbd7d5548 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_arm.deb Size/MD5 checksum: 1490666 700c80efddb108b3e2a65373cc10dcc8 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_arm.deb Size/MD5 checksum: 844426 4cad5651a6d37ab19fb80b05a423598d
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_armel.deb Size/MD5 checksum: 1029206 6c6c35731ecacfc0280520097ee183d4 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_armel.udeb Size/MD5 checksum: 540780 3b9ab48015bbd4dfc1ab205b42f1113d http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_armel.deb Size/MD5 checksum: 2100958 fbf2c222a504e09e30f73cb0740a73a5 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_armel.deb Size/MD5 checksum: 1504318 8eaa760844c1b81d0f8bd21bdc7ca1d0 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_armel.deb Size/MD5 checksum: 850286 3e656a0805eb31600f8e3e520a2a6e36
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_hppa.deb Size/MD5 checksum: 2268562 8cb4805915dfde8326fde4281c9aaa76 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_hppa.deb Size/MD5 checksum: 969104 805c95116706c82051a5d08efce729e5 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_hppa.deb Size/MD5 checksum: 1047026 2e06d411c0a8764db3504638d3b59ef9 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_hppa.deb Size/MD5 checksum: 1528456 de6a4129635ee4565696198ce3423674 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_hppa.udeb Size/MD5 checksum: 634504 bab8594389626190b71ee97bfb46fa71
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_i386.deb Size/MD5 checksum: 2108452 d75ba6c13fc77dd3eefddde480a05231 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_i386.deb Size/MD5 checksum: 5393290 14bf0f44b8c802e47834234be834d80b http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_i386.deb Size/MD5 checksum: 2977384 bf4c26767b006694843d036ebdca132a http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_i386.udeb Size/MD5 checksum: 591782 bf5007e22e4bd31445458a5379086103 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_i386.deb Size/MD5 checksum: 1035868 64085f2b106009533bda0309f08548af
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_ia64.deb Size/MD5 checksum: 2666530 42cdae406ce22e3e538f0d744f043a39 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_ia64.deb Size/MD5 checksum: 1465582 33c84255a9515a9a528cbf3df9398ef5 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_ia64.udeb Size/MD5 checksum: 865352 9cbc10e393eb3d30d34ea384c6f1f9f5 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_ia64.deb Size/MD5 checksum: 1105090 cc7485d310d4770c2b1e93c6d74dcc2b http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_ia64.deb Size/MD5 checksum: 1280654 fde186a4983ac6cafcd3d5ec7e1d6f98
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mips.deb Size/MD5 checksum: 1025868 8b7f565c4c0a15b15f20f2e074bb503a http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mips.deb Size/MD5 checksum: 900162 391ac436c8d7ed7b55a8ea9e90c7d8be http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mips.deb Size/MD5 checksum: 2307960 227ac5c7b409d061222b94bc40e8cd18 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mips.deb Size/MD5 checksum: 1622826 8a4f73d6cd497076490404a2dade26ba http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mips.udeb Size/MD5 checksum: 585108 d8447df55a530959b6cd9d5d3039c0da
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mipsel.deb Size/MD5 checksum: 1012186 4a154b5c4d864f7dcd0bf019dfb41c5d http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mipsel.deb Size/MD5 checksum: 1588308 1222eb6b1870602335ef0722b7047b6a http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mipsel.udeb Size/MD5 checksum: 572370 a2535f616be099e9361a55637c3375d3 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mipsel.deb Size/MD5 checksum: 2295070 7446121759684083870d5ae0d26969c0 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mipsel.deb Size/MD5 checksum: 885668 3745e7c578002628f78f02bd5afeb84f
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_powerpc.deb Size/MD5 checksum: 1643808 43814c865d098046bc1dca1920820354 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_powerpc.deb Size/MD5 checksum: 1047060 5c45e5a5d02f856cb9dc29029d0b5557 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_powerpc.udeb Size/MD5 checksum: 656166 309fdeebe15bbecbe8c55dbd5ddbdd3a http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_powerpc.deb Size/MD5 checksum: 997540 f4bf73493f3964b8a23bdd424694f079 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_powerpc.deb Size/MD5 checksum: 2251238 35f6f59b07e57eb538da19545a733d5f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_s390.udeb Size/MD5 checksum: 693040 26cab41169c6b8f64ce7936a2ea65a7b http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_s390.deb Size/MD5 checksum: 1051130 f67b4fd152e1175f81022ffd345d6c78 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_s390.deb Size/MD5 checksum: 2231782 c7796fff8c97bbf0c5ab69440cbd50f9 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_s390.deb Size/MD5 checksum: 1602496 a9595ac98fc11015dd4bb2634416197b http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_s390.deb Size/MD5 checksum: 1024562 ff293933ef4eb5e952659fe7caf82c8b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_sparc.deb Size/MD5 checksum: 2290536 e5c655fbcc524fe7bb56945cc8b2f5d1 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_sparc.deb Size/MD5 checksum: 3868850 b9cbaa2cbb2cfa4aa1dce984148dba4b http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_sparc.deb Size/MD5 checksum: 2146488 d0c17736c2b26a97491e34321ffff3f5 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_sparc.udeb Size/MD5 checksum: 580510 28ab74855c8a34bb002b44fd7ecb8997 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_sparc.deb Size/MD5 checksum: 1043044 d78ffaf44d1177b05fa0cfb02d76128a
These files will probably be moved into the stable distribution on its next update.
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://openssl.org/news/secadv_20101116.txt
Updated Packages:
Mandriva Linux 2009.0: b32e4b6e6b901d72fe4aa24bd0f41f9b 2009.0/i586/libopenssl0.9.8-0.9.8h-3.8mdv2009.0.i586.rpm f55512826ad63a1c9c4b60fad54292ac 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.8mdv2009.0.i586.rpm eb005af48a71b807ef387f4c54eedd6f 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.8mdv2009.0.i586.rpm ed01c1d0ea3fdecc8ba3331541d18d9a 2009.0/i586/openssl-0.9.8h-3.8mdv2009.0.i586.rpm a5b43d482e633af8952e7e04f8d7b56e 2009.0/SRPMS/openssl-0.9.8h-3.8mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: 007dedca099e812b7b461e720ef5e6f1 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.8mdv2009.0.x86_64.rpm 293194a028c940a27d11549ef84ff182 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.8mdv2009.0.x86_64.rpm 6b1c8ced8640b51bf25761c127b3ed20 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.8mdv2009.0.x86_64.rpm 76bbe5d36d9887cbc753b267b6d3a608 2009.0/x86_64/openssl-0.9.8h-3.8mdv2009.0.x86_64.rpm a5b43d482e633af8952e7e04f8d7b56e 2009.0/SRPMS/openssl-0.9.8h-3.8mdv2009.0.src.rpm
Mandriva Linux 2010.0: b92acd82153b8987f0bcdb0e277c6f0e 2010.0/i586/libopenssl0.9.8-0.9.8k-5.3mdv2010.0.i586.rpm d780ab4e0e80a66b105f72e41a4d5b54 2010.0/i586/libopenssl0.9.8-devel-0.9.8k-5.3mdv2010.0.i586.rpm 8faae39210b0c366f619cdb71b1a7321 2010.0/i586/libopenssl0.9.8-static-devel-0.9.8k-5.3mdv2010.0.i586.rpm 2247e3b7bff72998d841d650ba25960a 2010.0/i586/openssl-0.9.8k-5.3mdv2010.0.i586.rpm 2c2a297e1c568ef69502064578516f0f 2010.0/SRPMS/openssl-0.9.8k-5.3mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 331d3064412c7b73baed5d54e7262f51 2010.0/x86_64/lib64openssl0.9.8-0.9.8k-5.3mdv2010.0.x86_64.rpm 2e90f43a521e108a8adbde35a058d7b9 2010.0/x86_64/lib64openssl0.9.8-devel-0.9.8k-5.3mdv2010.0.x86_64.rpm 7d102f6bf8bb201654aa518e3b73a27f 2010.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-5.3mdv2010.0.x86_64.rpm 4b7ad813fd5fdd5785bd94eb3a951244 2010.0/x86_64/openssl-0.9.8k-5.3mdv2010.0.x86_64.rpm 2c2a297e1c568ef69502064578516f0f 2010.0/SRPMS/openssl-0.9.8k-5.3mdv2010.0.src.rpm
Mandriva Linux 2010.1: 8310ac6aa860087de6992e618460f279 2010.1/i586/libopenssl1.0.0-1.0.0a-1.5mdv2010.1.i586.rpm 7e7719b1b5c2f91a6eadfab9dd696b8f 2010.1/i586/libopenssl1.0.0-devel-1.0.0a-1.5mdv2010.1.i586.rpm 5b5aa8939c69c69c2ab49145aca37173 2010.1/i586/libopenssl1.0.0-static-devel-1.0.0a-1.5mdv2010.1.i586.rpm 0e6bd59c1d6b2c459acc5c4d0851246a 2010.1/i586/libopenssl-engines1.0.0-1.0.0a-1.5mdv2010.1.i586.rpm de46046e9b1e033cccd668b32b70972c 2010.1/i586/openssl-1.0.0a-1.5mdv2010.1.i586.rpm f6059c72297b6510fa4c816db6742a64 2010.1/SRPMS/openssl-1.0.0a-1.5mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: c792f3d19c1f9ff50c801feccd600319 2010.1/x86_64/lib64openssl1.0.0-1.0.0a-1.5mdv2010.1.x86_64.rpm 7f3a6b125fc145e17c140218f3b48a92 2010.1/x86_64/lib64openssl1.0.0-devel-1.0.0a-1.5mdv2010.1.x86_64.rpm e5f35fbeadb2f765607325f960de621e 2010.1/x86_64/lib64openssl1.0.0-static-devel-1.0.0a-1.5mdv2010.1.x86_64.rpm 27a8dee6459e0830be1e907f082d25a2 2010.1/x86_64/lib64openssl-engines1.0.0-1.0.0a-1.5mdv2010.1.x86_64.rpm 4b7863a6c8b883f385613bb7a49af128 2010.1/x86_64/openssl-1.0.0a-1.5mdv2010.1.x86_64.rpm f6059c72297b6510fa4c816db6742a64 2010.1/SRPMS/openssl-1.0.0a-1.5mdv2010.1.src.rpm
Mandriva Enterprise Server 5: fef62b69a582a93e821a2d802fb4faee mes5/i586/libopenssl0.9.8-0.9.8h-3.8mdvmes5.1.i586.rpm fe3c0cf3596d90cc3be37a944df1753b mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.8mdvmes5.1.i586.rpm d5a269adf63ee6d4ce21ea651e208180 mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.8mdvmes5.1.i586.rpm e410f94c6d8c08270aa1edd5aeb7c177 mes5/i586/openssl-0.9.8h-3.8mdvmes5.1.i586.rpm aaa38cecee165e165beace7e0b02ecdf mes5/SRPMS/openssl-0.9.8h-3.8mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: ebec7b3044ee3b3b0ab6c455741e5782 mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.8mdvmes5.1.x86_64.rpm 0c201edd531dd53a541739bf6db7f276 mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.8mdvmes5.1.x86_64.rpm 83a690e504f6470ffc4bce428ff09199 mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.8mdvmes5.1.x86_64.rpm fcef579e52e20393ffd2bbae00b602a8 mes5/x86_64/openssl-0.9.8h-3.8mdvmes5.1.x86_64.rpm aaa38cecee165e165beace7e0b02ecdf mes5/SRPMS/openssl-0.9.8h-3.8mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFM49pvmqjQ0CJFipgRAs5xAKDhGJdpzq9ZF6TvhezjZR8zmOQAngCggDa1 vAfiUtuiMqw0BDS3V2tLk/I= =hDGj -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
The fix was developed by Dr Stephen Henson of the OpenSSL core team.
This vulnerability is tracked as CVE-2010-3864
Who is affected?
All versions of OpenSSL supporting TLS extensions contain this vulnerability including OpenSSL 0.9.8f through 0.9.8o, 1.0.0, 1.0.0a releases.
Patch for OpenSSL 0.9.8 releases
Index: ssl/t1_lib.c
RCS file: /v/openssl/cvs/openssl/ssl/t1_lib.c,v retrieving revision 1.13.2.27 diff -u -r1.13.2.27 t1_lib.c --- ssl/t1_lib.c 12 Jun 2010 13:18:58 -0000 1.13.2.27 +++ ssl/t1_lib.c 15 Nov 2010 15:20:14 -0000 @@ -432,14 +432,23 @@ switch (servname_type) { case TLSEXT_NAMETYPE_host_name: - if (s->session->tlsext_hostname == NULL) + if (!s->hit) { - if (len > TLSEXT_MAXLEN_host_name || - ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)) + if(s->session->tlsext_hostname) + { + al = SSL_AD_DECODE_ERROR; + return 0; + } + if (len > TLSEXT_MAXLEN_host_name) { al = TLS1_AD_UNRECOGNIZED_NAME; return 0; } + if ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL) + { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } memcpy(s->session->tlsext_hostname, sdata, len); s->session->tlsext_hostname[len]='\0'; if (strlen(s->session->tlsext_hostname) != len) { @@ -452,7 +461,8 @@
}
else
- s->servername_done = strlen(s->session->tlsext_hostname) == len
- s->servername_done = s->session->tlsext_hostname
- && strlen(s->session->tlsext_hostname) == len
&& strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0;
break;
Patch for OpenSSL 1.0.0 releases
Index: ssl/t1_lib.c
RCS file: /v/openssl/cvs/openssl/ssl/t1_lib.c,v retrieving revision 1.64.2.14 diff -u -r1.64.2.14 t1_lib.c --- ssl/t1_lib.c 15 Jun 2010 17:25:15 -0000 1.64.2.14 +++ ssl/t1_lib.c 15 Nov 2010 15:26:19 -0000 @@ -714,14 +714,23 @@ switch (servname_type) { case TLSEXT_NAMETYPE_host_name: - if (s->session->tlsext_hostname == NULL) + if (!s->hit) { - if (len > TLSEXT_MAXLEN_host_name || - ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL)) + if(s->session->tlsext_hostname) + { + al = SSL_AD_DECODE_ERROR; + return 0; + } + if (len > TLSEXT_MAXLEN_host_name) { al = TLS1_AD_UNRECOGNIZED_NAME; return 0; } + if ((s->session->tlsext_hostname = OPENSSL_malloc(len+1)) == NULL) + { + *al = TLS1_AD_INTERNAL_ERROR; + return 0; + } memcpy(s->session->tlsext_hostname, sdata, len); s->session->tlsext_hostname[len]='\0'; if (strlen(s->session->tlsext_hostname) != len) { @@ -734,7 +743,8 @@
}
else
- s->servername_done = strlen(s->session->tlsext_hostname) == len
- s->servername_done = s->session->tlsext_hostname
- && strlen(s->session->tlsext_hostname) == len
&& strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0;
break;@@ -765,15 +775,22 @@ al = TLS1_AD_DECODE_ERROR; return 0; } - s->session->tlsext_ecpointformatlist_length = 0; - if (s->session->tlsext_ecpointformatlist != NULL) OPENSSL_free(s->session->tlsext_ecpointformatlist); - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) + if (!s->hit) { - al = TLS1_AD_INTERNAL_ERROR; - return 0; + if(s->session->tlsext_ecpointformatlist) + { + al = TLS1_AD_DECODE_ERROR; + return 0; + } + s->session->tlsext_ecpointformatlist_length = 0; + if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) + { + al = TLS1_AD_INTERNAL_ERROR; + return 0; + } + s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; + memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); } - s->session->tlsext_ecpointformatlist_length = ecpointformatlist_length; - memcpy(s->session->tlsext_ecpointformatlist, sdata, ecpointformatlist_length); #if 0 fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ", s->session->tlsext_ecpointformatlist_length); sdata = s->session->tlsext_ecpointformatlist; @@ -794,15 +811,22 @@ al = TLS1_AD_DECODE_ERROR; return 0; } - s->session->tlsext_ellipticcurvelist_length = 0; - if (s->session->tlsext_ellipticcurvelist != NULL) OPENSSL_free(s->session->tlsext_ellipticcurvelist); - if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL) + if (!s->hit) { - al = TLS1_AD_INTERNAL_ERROR; - return 0; + if(s->session->tlsext_ellipticcurvelist) + { + al = TLS1_AD_DECODE_ERROR; + return 0; + } + s->session->tlsext_ellipticcurvelist_length = 0; + if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL) + { + al = TLS1_AD_INTERNAL_ERROR; + return 0; + } + s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length; + memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length); } - s->session->tlsext_ellipticcurvelist_length = ellipticcurvelist_length; - memcpy(s->session->tlsext_ellipticcurvelist, sdata, ellipticcurvelist_length); #if 0 fprintf(stderr,"ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ", s->session->tlsext_ellipticcurvelist_length); sdata = s->session->tlsext_ellipticcurvelist;
References
URL for this Security Advisory: http://www.openssl.org/news/secadv_20101116.txt
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-10:10.openssl Security Advisory The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib Module: openssl Announced: 2010-11-29 Credits: Georgi Guninski, Rob Hulswit Affects: FreeBSD 7.0 and later Corrected: 2010-11-26 22:50:58 UTC (RELENG_8, 8.1-STABLE) 2010-11-29 20:43:06 UTC (RELENG_8_1, 8.1-RELEASE-p2) 2010-11-29 20:43:06 UTC (RELENG_8_0, 8.0-RELEASE-p6) 2010-11-28 13:45:51 UTC (RELENG_7, 7.3-STABLE) 2010-11-29 20:43:06 UTC (RELENG_7_3, 7.3-RELEASE-p4) 2010-11-29 20:43:06 UTC (RELENG_7_1, 7.1-RELEASE-p16) CVE Name: CVE-2010-2939, CVE-2010-3864
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
II. The race condition can lead to a buffer overflow. [CVE-2010-3864]
A double free exists in the SSL client ECDH handling code, when processing specially crafted public keys with invalid prime numbers. [CVE-2010-2939]
III. [CVE-2010-3864].
It may be possible to cause a DoS or potentially execute arbitrary in the context of the user connection to a malicious SSL server. [CVE-2010-2939]
IV. Workaround
No workaround is available, but CVE-2010-3864 only affects FreeBSD 8.0 and later. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to the RELENG_8_1, RELENG_8_0, RELENG_7_3, or RELENG_7_1 security branch dated after the correction date.
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to FreeBSD 7.1, 7.3, 8.0 and 8.1 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 7.x]
fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch
fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch.asc
[FreeBSD 8.x]
fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch
fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
cd /usr/src/secure/lib/libssl
make obj && make depend && make && make install
NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in
3) To update your vulnerable system via a binary patch:
Systems running 7.1-RELEASE, 7.3-RELEASE, 8.0-RELEASE or 8.1-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
CVS:
Branch Revision Path
RELENG_7_3 src/UPDATING 1.507.2.34.2.6 src/sys/conf/newvers.sh 1.72.2.16.2.8 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.2.1.4.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.19 src/sys/conf/newvers.sh 1.72.2.9.2.20 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.6.2 RELENG_8_1 src/UPDATING 1.632.2.14.2.5 src/sys/conf/newvers.sh 1.83.2.10.2.6 src/crypto/openssl/ssl/s3_clnt.c 1.3.2.1.2.1 src/crypto/openssl/ssl/t1_lib.c 1.2.2.1.2.1 RELENG_8_0 src/UPDATING 1.632.2.7.2.9 src/sys/conf/newvers.sh 1.83.2.6.2.9 src/crypto/openssl/ssl/s3_clnt.c 1.3.4.1 src/crypto/openssl/ssl/t1_lib.c 1.2.4.1
Subversion:
Branch/path Revision
stable/7/ r215997 releng/7.3/ r216063 releng/7.1/ r216063 stable/8/ r215912 releng/8.0/ r216063 releng/8.1/ r216063
VII
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0251",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8o"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8n"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "efi",
"version": null
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8p"
},
{
"model": "openssl",
"scope": "lt",
"trust": 0.8,
"vendor": "openssl",
"version": "1.0.0b"
},
{
"model": "ace",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esx",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "fusion",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "player",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "vcenter",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "3.5.5 before"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "4.0.1 before"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "opensolaris build snv 134",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.4"
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 131",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.3"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "opensolaris build snv 126",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8"
},
{
"model": "opensolaris build snv 125",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "opensolaris build snv 133",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 129",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.1.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.4"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.20"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.1"
},
{
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash media server",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"model": "opensolaris build snv 134a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "esx server esx410-201101201",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "service health reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"model": "flash media server",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5300-06"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 1.0.0b",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "opensolaris build snv 130",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4"
},
{
"model": "coat systems blue coat reporter",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "9.3.2.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.12"
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "service health optimizer",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.2"
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.4"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.21"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5200-10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "esxi server esxi410-20110120",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0"
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "tivoli netcool/omnibus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"model": "opensolaris build snv 151a",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "opensolaris build snv 124",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.60.5"
},
{
"model": "stonegate ssl vpn engine",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.4.5"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "opensolaris build snv 123",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.5"
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.1"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.1.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.2"
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "9.2.5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.60"
},
{
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 128",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.10"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.1.1"
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.1"
},
{
"model": "project openssl 0.9.8p",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.4"
},
{
"model": "operations manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.60"
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "stonegate ssl vpn engine build",
"scope": "ne",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.4.51519"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.11"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.3"
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.3"
},
{
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.1"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "opensolaris build snv 132",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 137",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10"
},
{
"model": "operations manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5"
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "operations agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.01"
},
{
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "flash media server",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "3.5.5"
},
{
"model": "opensolaris build snv 122",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "insight control",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.3"
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "insight control",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris svn 126",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 136",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.10"
},
{
"model": "performance agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.0"
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111b",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "opensolaris snv 111b",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 127",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 135",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0"
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#737740"
},
{
"db": "BID",
"id": "44884"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rob Hulswit.",
"sources": [
{
"db": "BID",
"id": "44884"
}
],
"trust": 0.3
},
"cve": "CVE-2010-3864",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CVE-2010-3864",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.9,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-3864",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-3864",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o). OpenSSL is prone to a heap-based buffer-overflow vulnerability because the library fails to properly perform bounds-checks on user-supplied input before copying it to an insufficiently sized memory buffer. \nSuccessfully exploiting this issue may allow attackers to execute arbitrary code in the context of applications that use the affected library, but this has not been confirmed. Failed exploit attempts may crash applications, denying service to legitimate users. \nOpenSSL 0.9.8f to 0.9.8o, 1.0.0, and 1.0.0a are vulnerable. \nNOTE: This issue affects servers which are multi-threaded and use OpenSSL\u0027s internal caching mechanism. Multi-processed servers or servers with disabled internal caching (like Apache HTTP server and Stunnel) are not affected. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2011-0003\nSynopsis: Third party component updates for VMware vCenter\n Server, vCenter Update Manager, ESXi and ESX\nIssue date: 2011-02-10\nUpdated on: 2011-02-10 (initial release of advisory)\nCVE numbers: --- Apache Tomcat ---\n CVE-2009-2693 CVE-2009-2901 CVE-2009-2902\n CVE-2009-3548 CVE-2010-2227 CVE-2010-1157\n --- Apache Tomcat Manager ---\n CVE-2010-2928\n --- cURL ---\n CVE-2010-0734\n --- COS Kernel ---\n CVE-2010-1084 CVE-2010-2066 CVE-2010-2070\n CVE-2010-2226 CVE-2010-2248 CVE-2010-2521\n CVE-2010-2524 CVE-2010-0008 CVE-2010-0415\n CVE-2010-0437 CVE-2009-4308 CVE-2010-0003\n CVE-2010-0007 CVE-2010-0307 CVE-2010-1086\n CVE-2010-0410 CVE-2010-0730 CVE-2010-1085\n CVE-2010-0291 CVE-2010-0622 CVE-2010-1087\n CVE-2010-1173 CVE-2010-1437 CVE-2010-1088\n CVE-2010-1187 CVE-2010-1436 CVE-2010-1641\n CVE-2010-3081\n --- Microsoft SQL Express ---\n CVE-2008-5416 CVE-2008-0085 CVE-2008-0086\n CVE-2008-0107 CVE-2008-0106\n --- OpenSSL ---\n CVE-2010-0740 CVE-2010-0433\n CVE-2010-3864 CVE-2010-2939\n --- Oracle (Sun) JRE ---\n CVE-2009-3555 CVE-2010-0082 CVE-2010-0084\n CVE-2010-0085 CVE-2010-0087 CVE-2010-0088\n CVE-2010-0089 CVE-2010-0090 CVE-2010-0091\n CVE-2010-0092 CVE-2010-0093 CVE-2010-0094\n CVE-2010-0095 CVE-2010-0837 CVE-2010-0838\n CVE-2010-0839 CVE-2010-0840 CVE-2010-0841\n CVE-2010-0842 CVE-2010-0843 CVE-2010-0844\n CVE-2010-0845 CVE-2010-0846 CVE-2010-0847\n CVE-2010-0848 CVE-2010-0849 CVE-2010-0850\n CVE-2010-0886 CVE-2010-3556 CVE-2010-3566\n CVE-2010-3567 CVE-2010-3550 CVE-2010-3561\n CVE-2010-3573 CVE-2010-3565 CVE-2010-3568\n CVE-2010-3569 CVE-2010-1321 CVE-2010-3548\n CVE-2010-3551 CVE-2010-3562 CVE-2010-3571\n CVE-2010-3554 CVE-2010-3559 CVE-2010-3572\n CVE-2010-3553 CVE-2010-3549 CVE-2010-3557\n CVE-2010-3541 CVE-2010-3574\n --- pam_krb5 ---\n CVE-2008-3825 CVE-2009-1384\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere\n Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues. \n\n\n2. Relevant releases\n\n vCenter Server 4.1 without Update 1,\n\n vCenter Update Manager 4.1 without Update 1,\n\n ESXi 4.1 without patch ESXi410-201101201-SG,\n\n ESX 4.1 without patch ESX410-201101201-SG. \n\n\n3. Problem Description\n\n a. vCenter Server and vCenter Update Manager update Microsoft\n SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express)\n distributed with vCenter Server 4.1 Update 1 and vCenter Update\n Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2\n to SQL Express Service Pack 3, to address multiple security\n issues that exist in the earlier releases of Microsoft SQL Express. \n\n Customers using other database solutions need not update for\n these issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086,\n CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL\n Express Service Pack 3. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows affected, no patch planned\n\n Update Manager 4.1 Windows Update 1\n Update Manager 4.0 Windows affected, patch pending\n Update Manager 1.0 Windows affected, no patch planned\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Hosted products are VMware Workstation, Player, ACE, Fusion. \n\n b. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains\n logon credentials that can be read by unprivileged local users. \n\n The issue is resolved by removing the Manager application in\n vCenter 4.1 Update 1. \n\n If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon\n credentials are not present in the configuration file after the\n update. \n\n VMware would like to thank Claudio Criscione of Secure Networking\n for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-2928 to this issue. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows not affected\n VirtualCenter 2.5 Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version\n 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses\n multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082,\n CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088,\n CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092,\n CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,\n CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,\n CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845,\n CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849,\n CVE-2010-0850. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following name to the security issue fixed in\n Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows not applicable **\n VirtualCenter 2.5 Windows not applicable **\n\n Update Manager 4.1 Windows not applicable **\n Update Manager 4.0 Windows not applicable **\n Update Manager 1.0 Windows not applicable **\n\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX not applicable **\n ESX 3.5 ESX not applicable **\n ESX 3.0.3 ESX not applicable **\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n ** this product uses the Oracle (Sun) JRE 1.5.0 family\n\nd. vCenter Update Manager Oracle (Sun) JRE is updated to version\n 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses\n multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566,\n CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573,\n CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555,\n CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562,\n CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572,\n CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541,\n CVE-2010-3574. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows not applicable **\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows affected, no patch planned\n\n Update Manager 4.1 Windows Update 1\n Update Manager 4.0 Windows affected, patch pending\n Update Manager 1.0 Windows affected, no patch planned\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX not applicable **\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX affected, no patch planned\n ESX 3.0.3 ESX affected, no patch planned\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n ** this product uses the Oracle (Sun) JRE 1.6.0 family\n\n e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple\n security issues that existed in earlier releases of Apache Tomcat\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i\n and CVE-2009-3548. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows not applicable **\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not applicable **\n ESX 3.0.3 ESX not applicable **\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n ** this product uses the Apache Tomcat 5.5 family\n\n f. vCenter Server third party component OpenSSL updated to version\n 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to\n 0.9.8n. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0740 and CVE-2010-0433 to the\n issues addressed in this version of OpenSSL. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows affected, no patch planned\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n g. ESX third party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-3864 and CVE-2010-2939 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n ESXi 4.1 ESXi ESXi410-201101201-SG\n ESXi 4.0 ESXi affected, patch pending\n ESXi 3.5 ESXi affected, patch pending\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n h. ESXi third party component cURL updated\n\n The version of cURL library in ESXi is updated. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-0734 to the issues addressed in\n this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 4.1 ESXi ESXi410-201101201-SG\n ESXi 4.0 ESXi affected, patch pending\n ESXi 3.5 ESXi affected, patch pending\n\n ESX any ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n i. ESX third party component pam_krb5 updated\n\n The version of pam_krb5 library is updated. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-3825 and CVE-2009-1384 to the\n issues addressed in the update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n j. ESX third party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version\n 2.6.18-194.11.1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070,\n CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524,\n CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308,\n CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086,\n CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291,\n CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437,\n CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and\n CVE-2010-3081 to the issues addressed in the update. \n\n Note: This update also addresses the 64-bit compatibility mode\n stack pointer underflow issue identified by CVE-2010-3081. This\n issue was patched in an ESX 4.1 patch prior to the release of\n ESX 4.1 Update 1. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not applicable\n ESX 3.0.3 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the checksum of your downloaded file. \n\n VMware vCenter Server 4.1 Update 1 and modules\n ----------------------------------------------\n\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0\n Release Notes:\n http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html\n\n File type: .iso\n md5sum: 729cf247aa5d33ceec431c86377eee1a\n sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0\n\n File type: .zip\n md5sum: fd1441bef48a153f2807f6823790e2f0\n sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19\n\n VMware vSphere Client\n File type: .exe\n md5sum: cb6aa91ada1289575355d79e8c2a9f8e\n sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\n\n ESXi 4.1 Installable Update 1\n -----------------------------\n\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0\n Release Notes:\n\nhttp://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html\n http://kb.vmware.com/kb/1027919\n\n File type: .iso\n MD5SUM: d68d6c2e040a87cd04cd18c04c22c998\n SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64\n\n ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1)\n File type: .zip\n MD5SUM: 2f1e009c046b20042fae3b7ca42a840f\n SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1\n\n ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0)\n File type: .zip\n MD5SUM: 67b924618d196dafaf268a7691bd1a0f\n SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 \t\n\n ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5)\n File type: .zip\n MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4\n SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 \t\n\n VMware Tools CD image for Linux Guest OSes\n File type: .iso\n MD5SUM: dad66fa8ece1dd121c302f45444daa70\n SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af \t\n\n VMware vSphere Client\n File type: .exe\n MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e\n SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\n\n ESXi Installable Update 1 contains the following security bulletins:\n ESXi410-201101201-SG. \n\n ESX 4.1 Update 1\n ----------------\n\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0\n Release Notes:\n\nhttp://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html\n http://kb.vmware.com/kb/1029353\n\n ESX 4.1 Update 1 (DVD ISO)\n File type: .iso\n md5sum: b9a275b419a20c7bedf31c0bf64f504e\n sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 \t\n\n ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1)\n File type: .zip\n md5sum: 2d81a87e994aa2b329036f11d90b4c14\n sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 \t\n\n Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1\n File type: .zip\n md5sum: 75f8cebfd55d8a81deb57c27def963c2\n sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 \t\n\n ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0)\n File type: .zip\n md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2\n sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 \t\n\n VMware Tools CD image for Linux Guest OSes\n File type: .iso\n md5sum: dad66fa8ece1dd121c302f45444daa70\n sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af \t\n\n VMware vSphere Client\n File type: .exe\n md5sum: cb6aa91ada1289575355d79e8c2a9f8e\n sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\n\n ESX410-Update01 contains the following security bulletins:\n ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL,\n Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904\n ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330\n\n ESX410-Update01 also contains the following non-security bulletins\n ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG,\n ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG,\n ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG,\n ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG,\n ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG,\n ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG. \n\n To install an individual bulletin use esxupdate with the -b option. \n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2011-02-10 VMSA-2011-0003\nInitial security advisory in conjunction with the release of vCenter\nServer 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1\nUpdate 1, and ESX 4.1 Update 1 on 2011-02-10. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisories\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2011 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9\ndxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX\n=2pVj\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824483\nVersion: 1\n\nHPSBOV02670 SSRT100475 rev.1 - HP OpenVMS running SSL, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), Unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP OpenVMS running SSL. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS) or unauthorized disclosure of information, or by a remote unauthorized user to modify data, prompts, or responses. \n\nReferences: CVE-2011-0014, CVE-2010-4180, CVE-2010-4252, CVE-2010-3864\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP SSL for OpenVMS v 1.4 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-4180 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2010-4252 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2010-3864 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nHP SSL V1.4-453 for OpenVMS Alpha and OpenVMS Integrity servers:\nhttp://h71000.www7.hp.com/openvms/products/ssl/ssl.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201110-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 09, 2011\n Bugs: #303739, #308011, #322575, #332027, #345767, #347623,\n #354139, #382069\n ID: 201110-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in OpenSSL, allowing for the\nexecution of arbitrary code and other attacks. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.0e \u003e= 1.0.0e\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA context-dependent attacker could cause a Denial of Service, possibly\nexecute arbitrary code, bypass intended key requirements, force the\ndowngrade to unintended ciphers, bypass the need for knowledge of\nshared secrets and successfully authenticate, bypass CRL validation, or\nobtain sensitive information in applications that use OpenSSL. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.0e\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since September 17, 2011. It is likely that your system is\nalready no longer affected by most of these issues. \n\nReferences\n==========\n\n[ 1 ] CVE-2009-3245\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245\n[ 2 ] CVE-2009-4355\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355\n[ 3 ] CVE-2010-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433\n[ 4 ] CVE-2010-0740\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740\n[ 5 ] CVE-2010-0742\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742\n[ 6 ] CVE-2010-1633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633\n[ 7 ] CVE-2010-2939\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939\n[ 8 ] CVE-2010-3864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864\n[ 9 ] CVE-2010-4180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180\n[ 10 ] CVE-2010-4252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252\n[ 11 ] CVE-2011-0014\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014\n[ 12 ] CVE-2011-3207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207\n[ 13 ] CVE-2011-3210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2125-1 security@debian.org\nhttp://www.debian.org/security/ Stefan Fritsch\nNovember 22, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : openssl\nVulnerability : buffer overflow\nProblem type : remote\nDebian-specific: no\nDebian Bug : 603709\nCVE Id(s) : CVE-2010-3864\n\nA flaw has been found in the OpenSSL TLS server extension code parsing\nwhich on affected servers can be exploited in a buffer overrun attack. \n\nThis upgrade fixes this issue. After the upgrade, any services using the\nopenssl libraries need to be restarted. The checkrestart script from the\ndebian-goodies package or lsof can help to find out which services need\nto be restarted. \n\nA note to users of the tor packages from the Debian backports or Debian\nvolatile: This openssl update causes problems with some versions of tor. \nYou need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2,\nrespectively. The tor package version 0.2.0.35-1~lenny2 from Debian stable\nis not affected by these problems. \n\nFor the stable distribution (lenny), the problem has been fixed in\nopenssl version 0.9.8g-15+lenny9. \n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), this problem has been fixed in version 0.9.8o-3. \n\nWe recommend that you upgrade your openssl packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz\n Size/MD5 checksum: 3354792 acf70a16359bf3658bdfb74bda1c4419\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.dsc\n Size/MD5 checksum: 1973 1efb69f23999507bf2e74f5b848744af\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.diff.gz\n Size/MD5 checksum: 60451 9aba44ed40b0c9c8ec82bd6cd33c44b8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 2583248 3b3f0cbec4ec28eb310466237648db8f\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 1028998 79fe8cdd601aecd9f956033a04fb8da5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_alpha.udeb\n Size/MD5 checksum: 722114 a388304bf86381229c306e79a5e85bf8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 2814160 e0f6fc697f5e9c87b44aa15eb58c3ea8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_alpha.deb\n Size/MD5 checksum: 4369318 c3cf8c7ec27f86563c34f45e986e17c4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 975850 778916e8b0df8e216121cd5185d7ca43\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 2243180 ff6a898ccd6fb49d5fbec9f4bd3cb6da\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_amd64.udeb\n Size/MD5 checksum: 638414 9ea111d66ac5f394d35fb69defa5dd27\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 1627632 9f08e1da5cf9279cee4700e89dc6ee6d\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_amd64.deb\n Size/MD5 checksum: 1043320 9ada82a7417c0d714a38c3a7184c2401\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_arm.udeb\n Size/MD5 checksum: 536038 a9c90bb3ad326fa43c1285c1768df046\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 2087048 bded4e624fcf0791ae0885aa18d99123\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 1028894 20784774078f02ef7e9db2ddbd7d5548\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 1490666 700c80efddb108b3e2a65373cc10dcc8\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_arm.deb\n Size/MD5 checksum: 844426 4cad5651a6d37ab19fb80b05a423598d\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 1029206 6c6c35731ecacfc0280520097ee183d4\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_armel.udeb\n Size/MD5 checksum: 540780 3b9ab48015bbd4dfc1ab205b42f1113d\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 2100958 fbf2c222a504e09e30f73cb0740a73a5\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 1504318 8eaa760844c1b81d0f8bd21bdc7ca1d0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_armel.deb\n Size/MD5 checksum: 850286 3e656a0805eb31600f8e3e520a2a6e36\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 2268562 8cb4805915dfde8326fde4281c9aaa76\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 969104 805c95116706c82051a5d08efce729e5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 1047026 2e06d411c0a8764db3504638d3b59ef9\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_hppa.deb\n Size/MD5 checksum: 1528456 de6a4129635ee4565696198ce3423674\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_hppa.udeb\n Size/MD5 checksum: 634504 bab8594389626190b71ee97bfb46fa71\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 2108452 d75ba6c13fc77dd3eefddde480a05231\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 5393290 14bf0f44b8c802e47834234be834d80b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 2977384 bf4c26767b006694843d036ebdca132a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_i386.udeb\n Size/MD5 checksum: 591782 bf5007e22e4bd31445458a5379086103\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_i386.deb\n Size/MD5 checksum: 1035868 64085f2b106009533bda0309f08548af\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 2666530 42cdae406ce22e3e538f0d744f043a39\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1465582 33c84255a9515a9a528cbf3df9398ef5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_ia64.udeb\n Size/MD5 checksum: 865352 9cbc10e393eb3d30d34ea384c6f1f9f5\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1105090 cc7485d310d4770c2b1e93c6d74dcc2b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_ia64.deb\n Size/MD5 checksum: 1280654 fde186a4983ac6cafcd3d5ec7e1d6f98\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 1025868 8b7f565c4c0a15b15f20f2e074bb503a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 900162 391ac436c8d7ed7b55a8ea9e90c7d8be\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 2307960 227ac5c7b409d061222b94bc40e8cd18\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mips.deb\n Size/MD5 checksum: 1622826 8a4f73d6cd497076490404a2dade26ba\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mips.udeb\n Size/MD5 checksum: 585108 d8447df55a530959b6cd9d5d3039c0da\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 1012186 4a154b5c4d864f7dcd0bf019dfb41c5d\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 1588308 1222eb6b1870602335ef0722b7047b6a\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mipsel.udeb\n Size/MD5 checksum: 572370 a2535f616be099e9361a55637c3375d3\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 2295070 7446121759684083870d5ae0d26969c0\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mipsel.deb\n Size/MD5 checksum: 885668 3745e7c578002628f78f02bd5afeb84f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 1643808 43814c865d098046bc1dca1920820354\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 1047060 5c45e5a5d02f856cb9dc29029d0b5557\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_powerpc.udeb\n Size/MD5 checksum: 656166 309fdeebe15bbecbe8c55dbd5ddbdd3a\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 997540 f4bf73493f3964b8a23bdd424694f079\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_powerpc.deb\n Size/MD5 checksum: 2251238 35f6f59b07e57eb538da19545a733d5f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_s390.udeb\n Size/MD5 checksum: 693040 26cab41169c6b8f64ce7936a2ea65a7b\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1051130 f67b4fd152e1175f81022ffd345d6c78\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 2231782 c7796fff8c97bbf0c5ab69440cbd50f9\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1602496 a9595ac98fc11015dd4bb2634416197b\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_s390.deb\n Size/MD5 checksum: 1024562 ff293933ef4eb5e952659fe7caf82c8b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 2290536 e5c655fbcc524fe7bb56945cc8b2f5d1\n http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 3868850 b9cbaa2cbb2cfa4aa1dce984148dba4b\n http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 2146488 d0c17736c2b26a97491e34321ffff3f5\n http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_sparc.udeb\n Size/MD5 checksum: 580510 28ab74855c8a34bb002b44fd7ecb8997\n http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_sparc.deb\n Size/MD5 checksum: 1043044 d78ffaf44d1177b05fa0cfb02d76128a\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct this issue. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864\n http://openssl.org/news/secadv_20101116.txt\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.0:\n b32e4b6e6b901d72fe4aa24bd0f41f9b 2009.0/i586/libopenssl0.9.8-0.9.8h-3.8mdv2009.0.i586.rpm\n f55512826ad63a1c9c4b60fad54292ac 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.8mdv2009.0.i586.rpm\n eb005af48a71b807ef387f4c54eedd6f 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.8mdv2009.0.i586.rpm\n ed01c1d0ea3fdecc8ba3331541d18d9a 2009.0/i586/openssl-0.9.8h-3.8mdv2009.0.i586.rpm \n a5b43d482e633af8952e7e04f8d7b56e 2009.0/SRPMS/openssl-0.9.8h-3.8mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 007dedca099e812b7b461e720ef5e6f1 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.8mdv2009.0.x86_64.rpm\n 293194a028c940a27d11549ef84ff182 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.8mdv2009.0.x86_64.rpm\n 6b1c8ced8640b51bf25761c127b3ed20 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.8mdv2009.0.x86_64.rpm\n 76bbe5d36d9887cbc753b267b6d3a608 2009.0/x86_64/openssl-0.9.8h-3.8mdv2009.0.x86_64.rpm \n a5b43d482e633af8952e7e04f8d7b56e 2009.0/SRPMS/openssl-0.9.8h-3.8mdv2009.0.src.rpm\n\n Mandriva Linux 2010.0:\n b92acd82153b8987f0bcdb0e277c6f0e 2010.0/i586/libopenssl0.9.8-0.9.8k-5.3mdv2010.0.i586.rpm\n d780ab4e0e80a66b105f72e41a4d5b54 2010.0/i586/libopenssl0.9.8-devel-0.9.8k-5.3mdv2010.0.i586.rpm\n 8faae39210b0c366f619cdb71b1a7321 2010.0/i586/libopenssl0.9.8-static-devel-0.9.8k-5.3mdv2010.0.i586.rpm\n 2247e3b7bff72998d841d650ba25960a 2010.0/i586/openssl-0.9.8k-5.3mdv2010.0.i586.rpm \n 2c2a297e1c568ef69502064578516f0f 2010.0/SRPMS/openssl-0.9.8k-5.3mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 331d3064412c7b73baed5d54e7262f51 2010.0/x86_64/lib64openssl0.9.8-0.9.8k-5.3mdv2010.0.x86_64.rpm\n 2e90f43a521e108a8adbde35a058d7b9 2010.0/x86_64/lib64openssl0.9.8-devel-0.9.8k-5.3mdv2010.0.x86_64.rpm\n 7d102f6bf8bb201654aa518e3b73a27f 2010.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-5.3mdv2010.0.x86_64.rpm\n 4b7ad813fd5fdd5785bd94eb3a951244 2010.0/x86_64/openssl-0.9.8k-5.3mdv2010.0.x86_64.rpm \n 2c2a297e1c568ef69502064578516f0f 2010.0/SRPMS/openssl-0.9.8k-5.3mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 8310ac6aa860087de6992e618460f279 2010.1/i586/libopenssl1.0.0-1.0.0a-1.5mdv2010.1.i586.rpm\n 7e7719b1b5c2f91a6eadfab9dd696b8f 2010.1/i586/libopenssl1.0.0-devel-1.0.0a-1.5mdv2010.1.i586.rpm\n 5b5aa8939c69c69c2ab49145aca37173 2010.1/i586/libopenssl1.0.0-static-devel-1.0.0a-1.5mdv2010.1.i586.rpm\n 0e6bd59c1d6b2c459acc5c4d0851246a 2010.1/i586/libopenssl-engines1.0.0-1.0.0a-1.5mdv2010.1.i586.rpm\n de46046e9b1e033cccd668b32b70972c 2010.1/i586/openssl-1.0.0a-1.5mdv2010.1.i586.rpm \n f6059c72297b6510fa4c816db6742a64 2010.1/SRPMS/openssl-1.0.0a-1.5mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n c792f3d19c1f9ff50c801feccd600319 2010.1/x86_64/lib64openssl1.0.0-1.0.0a-1.5mdv2010.1.x86_64.rpm\n 7f3a6b125fc145e17c140218f3b48a92 2010.1/x86_64/lib64openssl1.0.0-devel-1.0.0a-1.5mdv2010.1.x86_64.rpm\n e5f35fbeadb2f765607325f960de621e 2010.1/x86_64/lib64openssl1.0.0-static-devel-1.0.0a-1.5mdv2010.1.x86_64.rpm\n 27a8dee6459e0830be1e907f082d25a2 2010.1/x86_64/lib64openssl-engines1.0.0-1.0.0a-1.5mdv2010.1.x86_64.rpm\n 4b7863a6c8b883f385613bb7a49af128 2010.1/x86_64/openssl-1.0.0a-1.5mdv2010.1.x86_64.rpm \n f6059c72297b6510fa4c816db6742a64 2010.1/SRPMS/openssl-1.0.0a-1.5mdv2010.1.src.rpm\n\n Mandriva Enterprise Server 5:\n fef62b69a582a93e821a2d802fb4faee mes5/i586/libopenssl0.9.8-0.9.8h-3.8mdvmes5.1.i586.rpm\n fe3c0cf3596d90cc3be37a944df1753b mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.8mdvmes5.1.i586.rpm\n d5a269adf63ee6d4ce21ea651e208180 mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.8mdvmes5.1.i586.rpm\n e410f94c6d8c08270aa1edd5aeb7c177 mes5/i586/openssl-0.9.8h-3.8mdvmes5.1.i586.rpm \n aaa38cecee165e165beace7e0b02ecdf mes5/SRPMS/openssl-0.9.8h-3.8mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n ebec7b3044ee3b3b0ab6c455741e5782 mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.8mdvmes5.1.x86_64.rpm\n 0c201edd531dd53a541739bf6db7f276 mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.8mdvmes5.1.x86_64.rpm\n 83a690e504f6470ffc4bce428ff09199 mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.8mdvmes5.1.x86_64.rpm\n fcef579e52e20393ffd2bbae00b602a8 mes5/x86_64/openssl-0.9.8h-3.8mdvmes5.1.x86_64.rpm \n aaa38cecee165e165beace7e0b02ecdf mes5/SRPMS/openssl-0.9.8h-3.8mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFM49pvmqjQ0CJFipgRAs5xAKDhGJdpzq9ZF6TvhezjZR8zmOQAngCggDa1\nvAfiUtuiMqw0BDS3V2tLk/I=\n=hDGj\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\nThe fix was developed by Dr Stephen Henson of the OpenSSL core team. \n\nThis vulnerability is tracked as CVE-2010-3864\n\nWho is affected?\n=================\n\nAll versions of OpenSSL supporting TLS extensions contain this vulnerability\nincluding OpenSSL 0.9.8f through 0.9.8o, 1.0.0, 1.0.0a releases. \n\nPatch for OpenSSL 0.9.8 releases\n================================\n\nIndex: ssl/t1_lib.c\n===================================================================\nRCS file: /v/openssl/cvs/openssl/ssl/t1_lib.c,v\nretrieving revision 1.13.2.27\ndiff -u -r1.13.2.27 t1_lib.c\n--- ssl/t1_lib.c\t12 Jun 2010 13:18:58 -0000\t1.13.2.27\n+++ ssl/t1_lib.c\t15 Nov 2010 15:20:14 -0000\n@@ -432,14 +432,23 @@\n \t\t\t\tswitch (servname_type)\n \t\t\t\t\t{\n \t\t\t\tcase TLSEXT_NAMETYPE_host_name:\n-\t\t\t\t\tif (s-\u003esession-\u003etlsext_hostname == NULL)\n+\t\t\t\t\tif (!s-\u003ehit)\n \t\t\t\t\t\t{\n-\t\t\t\t\t\tif (len \u003e TLSEXT_MAXLEN_host_name || \n-\t\t\t\t\t\t\t((s-\u003esession-\u003etlsext_hostname = OPENSSL_malloc(len+1)) == NULL))\n+\t\t\t\t\t\tif(s-\u003esession-\u003etlsext_hostname)\n+\t\t\t\t\t\t\t{\n+\t\t\t\t\t\t\t*al = SSL_AD_DECODE_ERROR;\n+\t\t\t\t\t\t\treturn 0;\n+\t\t\t\t\t\t\t}\n+\t\t\t\t\t\tif (len \u003e TLSEXT_MAXLEN_host_name)\n \t\t\t\t\t\t\t{\n \t\t\t\t\t\t\t*al = TLS1_AD_UNRECOGNIZED_NAME;\n \t\t\t\t\t\t\treturn 0;\n \t\t\t\t\t\t\t}\n+\t\t\t\t\t\tif ((s-\u003esession-\u003etlsext_hostname = OPENSSL_malloc(len+1)) == NULL)\n+\t\t\t\t\t\t\t{\n+\t\t\t\t\t\t\t*al = TLS1_AD_INTERNAL_ERROR;\n+\t\t\t\t\t\t\treturn 0;\n+\t\t\t\t\t\t\t}\n \t\t\t\t\t\tmemcpy(s-\u003esession-\u003etlsext_hostname, sdata, len);\n \t\t\t\t\t\ts-\u003esession-\u003etlsext_hostname[len]=\u0027\\0\u0027;\n \t\t\t\t\t\tif (strlen(s-\u003esession-\u003etlsext_hostname) != len) {\n@@ -452,7 +461,8 @@\n \n \t\t\t\t\t\t}\n \t\t\t\t\telse \n-\t\t\t\t\t\ts-\u003eservername_done = strlen(s-\u003esession-\u003etlsext_hostname) == len \n+\t\t\t\t\t\ts-\u003eservername_done = s-\u003esession-\u003etlsext_hostname\n+\t\t\t\t\t\t\t\u0026\u0026 strlen(s-\u003esession-\u003etlsext_hostname) == len \n \t\t\t\t\t\t\t\u0026\u0026 strncmp(s-\u003esession-\u003etlsext_hostname, (char *)sdata, len) == 0;\n \t\t\t\t\t\n \t\t\t\t\tbreak;\n\nPatch for OpenSSL 1.0.0 releases\n================================\n\nIndex: ssl/t1_lib.c\n===================================================================\nRCS file: /v/openssl/cvs/openssl/ssl/t1_lib.c,v\nretrieving revision 1.64.2.14\ndiff -u -r1.64.2.14 t1_lib.c\n--- ssl/t1_lib.c\t15 Jun 2010 17:25:15 -0000\t1.64.2.14\n+++ ssl/t1_lib.c\t15 Nov 2010 15:26:19 -0000\n@@ -714,14 +714,23 @@\n \t\t\t\tswitch (servname_type)\n \t\t\t\t\t{\n \t\t\t\tcase TLSEXT_NAMETYPE_host_name:\n-\t\t\t\t\tif (s-\u003esession-\u003etlsext_hostname == NULL)\n+\t\t\t\t\tif (!s-\u003ehit)\n \t\t\t\t\t\t{\n-\t\t\t\t\t\tif (len \u003e TLSEXT_MAXLEN_host_name || \n-\t\t\t\t\t\t\t((s-\u003esession-\u003etlsext_hostname = OPENSSL_malloc(len+1)) == NULL))\n+\t\t\t\t\t\tif(s-\u003esession-\u003etlsext_hostname)\n+\t\t\t\t\t\t\t{\n+\t\t\t\t\t\t\t*al = SSL_AD_DECODE_ERROR;\n+\t\t\t\t\t\t\treturn 0;\n+\t\t\t\t\t\t\t}\n+\t\t\t\t\t\tif (len \u003e TLSEXT_MAXLEN_host_name)\n \t\t\t\t\t\t\t{\n \t\t\t\t\t\t\t*al = TLS1_AD_UNRECOGNIZED_NAME;\n \t\t\t\t\t\t\treturn 0;\n \t\t\t\t\t\t\t}\n+\t\t\t\t\t\tif ((s-\u003esession-\u003etlsext_hostname = OPENSSL_malloc(len+1)) == NULL)\n+\t\t\t\t\t\t\t{\n+\t\t\t\t\t\t\t*al = TLS1_AD_INTERNAL_ERROR;\n+\t\t\t\t\t\t\treturn 0;\n+\t\t\t\t\t\t\t}\n \t\t\t\t\t\tmemcpy(s-\u003esession-\u003etlsext_hostname, sdata, len);\n \t\t\t\t\t\ts-\u003esession-\u003etlsext_hostname[len]=\u0027\\0\u0027;\n \t\t\t\t\t\tif (strlen(s-\u003esession-\u003etlsext_hostname) != len) {\n@@ -734,7 +743,8 @@\n \n \t\t\t\t\t\t}\n \t\t\t\t\telse \n-\t\t\t\t\t\ts-\u003eservername_done = strlen(s-\u003esession-\u003etlsext_hostname) == len \n+\t\t\t\t\t\ts-\u003eservername_done = s-\u003esession-\u003etlsext_hostname\n+\t\t\t\t\t\t\t\u0026\u0026 strlen(s-\u003esession-\u003etlsext_hostname) == len \n \t\t\t\t\t\t\t\u0026\u0026 strncmp(s-\u003esession-\u003etlsext_hostname, (char *)sdata, len) == 0;\n \t\t\t\t\t\n \t\t\t\t\tbreak;\n@@ -765,15 +775,22 @@\n \t\t\t\t*al = TLS1_AD_DECODE_ERROR;\n \t\t\t\treturn 0;\n \t\t\t\t}\n-\t\t\ts-\u003esession-\u003etlsext_ecpointformatlist_length = 0;\n-\t\t\tif (s-\u003esession-\u003etlsext_ecpointformatlist != NULL) OPENSSL_free(s-\u003esession-\u003etlsext_ecpointformatlist);\n-\t\t\tif ((s-\u003esession-\u003etlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)\n+\t\t\tif (!s-\u003ehit)\n \t\t\t\t{\n-\t\t\t\t*al = TLS1_AD_INTERNAL_ERROR;\n-\t\t\t\treturn 0;\n+\t\t\t\tif(s-\u003esession-\u003etlsext_ecpointformatlist)\n+\t\t\t\t\t{\n+\t\t\t\t\t*al = TLS1_AD_DECODE_ERROR;\n+\t\t\t\t\treturn 0;\n+\t\t\t\t\t}\n+\t\t\t\ts-\u003esession-\u003etlsext_ecpointformatlist_length = 0;\n+\t\t\t\tif ((s-\u003esession-\u003etlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL)\n+\t\t\t\t\t{\n+\t\t\t\t\t*al = TLS1_AD_INTERNAL_ERROR;\n+\t\t\t\t\treturn 0;\n+\t\t\t\t\t}\n+\t\t\t\ts-\u003esession-\u003etlsext_ecpointformatlist_length = ecpointformatlist_length;\n+\t\t\t\tmemcpy(s-\u003esession-\u003etlsext_ecpointformatlist, sdata, ecpointformatlist_length);\n \t\t\t\t}\n-\t\t\ts-\u003esession-\u003etlsext_ecpointformatlist_length = ecpointformatlist_length;\n-\t\t\tmemcpy(s-\u003esession-\u003etlsext_ecpointformatlist, sdata, ecpointformatlist_length);\n #if 0\n \t\t\tfprintf(stderr,\"ssl_parse_clienthello_tlsext s-\u003esession-\u003etlsext_ecpointformatlist (length=%i) \", s-\u003esession-\u003etlsext_ecpointformatlist_length);\n \t\t\tsdata = s-\u003esession-\u003etlsext_ecpointformatlist;\n@@ -794,15 +811,22 @@\n \t\t\t\t*al = TLS1_AD_DECODE_ERROR;\n \t\t\t\treturn 0;\n \t\t\t\t}\n-\t\t\ts-\u003esession-\u003etlsext_ellipticcurvelist_length = 0;\n-\t\t\tif (s-\u003esession-\u003etlsext_ellipticcurvelist != NULL) OPENSSL_free(s-\u003esession-\u003etlsext_ellipticcurvelist);\n-\t\t\tif ((s-\u003esession-\u003etlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)\n+\t\t\tif (!s-\u003ehit)\n \t\t\t\t{\n-\t\t\t\t*al = TLS1_AD_INTERNAL_ERROR;\n-\t\t\t\treturn 0;\n+\t\t\t\tif(s-\u003esession-\u003etlsext_ellipticcurvelist)\n+\t\t\t\t\t{\n+\t\t\t\t\t*al = TLS1_AD_DECODE_ERROR;\n+\t\t\t\t\treturn 0;\n+\t\t\t\t\t}\n+\t\t\t\ts-\u003esession-\u003etlsext_ellipticcurvelist_length = 0;\n+\t\t\t\tif ((s-\u003esession-\u003etlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL)\n+\t\t\t\t\t{\n+\t\t\t\t\t*al = TLS1_AD_INTERNAL_ERROR;\n+\t\t\t\t\treturn 0;\n+\t\t\t\t\t}\n+\t\t\t\ts-\u003esession-\u003etlsext_ellipticcurvelist_length = ellipticcurvelist_length;\n+\t\t\t\tmemcpy(s-\u003esession-\u003etlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);\n \t\t\t\t}\n-\t\t\ts-\u003esession-\u003etlsext_ellipticcurvelist_length = ellipticcurvelist_length;\n-\t\t\tmemcpy(s-\u003esession-\u003etlsext_ellipticcurvelist, sdata, ellipticcurvelist_length);\n #if 0\n \t\t\tfprintf(stderr,\"ssl_parse_clienthello_tlsext s-\u003esession-\u003etlsext_ellipticcurvelist (length=%i) \", s-\u003esession-\u003etlsext_ellipticcurvelist_length);\n \t\t\tsdata = s-\u003esession-\u003etlsext_ellipticcurvelist;\n\n\nReferences\n===========\n\nURL for this Security Advisory:\nhttp://www.openssl.org/news/secadv_20101116.txt\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-10:10.openssl Security Advisory\n The FreeBSD Project\n\nTopic: OpenSSL multiple vulnerabilities\n\nCategory: contrib\nModule: openssl\nAnnounced: 2010-11-29\nCredits: Georgi Guninski, Rob Hulswit\nAffects: FreeBSD 7.0 and later\nCorrected: 2010-11-26 22:50:58 UTC (RELENG_8, 8.1-STABLE)\n 2010-11-29 20:43:06 UTC (RELENG_8_1, 8.1-RELEASE-p2)\n 2010-11-29 20:43:06 UTC (RELENG_8_0, 8.0-RELEASE-p6)\n 2010-11-28 13:45:51 UTC (RELENG_7, 7.3-STABLE)\n 2010-11-29 20:43:06 UTC (RELENG_7_3, 7.3-RELEASE-p4)\n 2010-11-29 20:43:06 UTC (RELENG_7_1, 7.1-RELEASE-p16)\nCVE Name: CVE-2010-2939, CVE-2010-3864\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. Background\n\nFreeBSD includes software from the OpenSSL Project. The OpenSSL Project is\na collaborative effort to develop a robust, commercial-grade, full-featured\nOpen Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols as well as a full-strength\ngeneral purpose cryptography library. \n\nII. The race condition can lead to\na buffer overflow. [CVE-2010-3864]\n\nA double free exists in the SSL client ECDH handling code, when\nprocessing specially crafted public keys with invalid prime\nnumbers. [CVE-2010-2939]\n\nIII. [CVE-2010-3864]. \n\nIt may be possible to cause a DoS or potentially execute arbitrary in\nthe context of the user connection to a malicious SSL server. \n[CVE-2010-2939]\n\nIV. Workaround\n\nNo workaround is available, but CVE-2010-3864 only affects FreeBSD 8.0\nand later. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to the\nRELENG_8_1, RELENG_8_0, RELENG_7_3, or RELENG_7_1 security branch\ndated after the correction date. \n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to FreeBSD 7.1, 7.3,\n8.0 and 8.1 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 7.x]\n# fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch\n# fetch http://security.FreeBSD.org/patches/SA-10:10/openssl7.patch.asc\n\n[FreeBSD 8.x]\n# fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch\n# fetch http://security.FreeBSD.org/patches/SA-10:10/openssl.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/secure/lib/libssl\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n\nNOTE: On the amd64 platform, the above procedure will not update the\nlib32 (i386 compatibility) libraries. On amd64 systems where the i386\ncompatibility libraries are used, the operating system should instead\nbe recompiled as described in\n\u003cURL:http://www.FreeBSD.org/handbook/makeworld.html\u003e\n\n3) To update your vulnerable system via a binary patch:\n\nSystems running 7.1-RELEASE, 7.3-RELEASE, 8.0-RELEASE or 8.1-RELEASE\non the i386 or amd64 platforms can be updated via the\nfreebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nCVS:\n\nBranch Revision\n Path\n- -------------------------------------------------------------------------\nRELENG_7_3\n src/UPDATING 1.507.2.34.2.6\n src/sys/conf/newvers.sh 1.72.2.16.2.8\n src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.2.1.4.1\nRELENG_7_1\n src/UPDATING 1.507.2.13.2.19\n src/sys/conf/newvers.sh 1.72.2.9.2.20\n src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.6.2\nRELENG_8_1\n src/UPDATING 1.632.2.14.2.5\n src/sys/conf/newvers.sh 1.83.2.10.2.6\n src/crypto/openssl/ssl/s3_clnt.c 1.3.2.1.2.1\n src/crypto/openssl/ssl/t1_lib.c 1.2.2.1.2.1\nRELENG_8_0\n src/UPDATING 1.632.2.7.2.9\n src/sys/conf/newvers.sh 1.83.2.6.2.9\n src/crypto/openssl/ssl/s3_clnt.c 1.3.4.1\n src/crypto/openssl/ssl/t1_lib.c 1.2.4.1\n- -------------------------------------------------------------------------\n\nSubversion:\n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/7/ r215997\nreleng/7.3/ r216063\nreleng/7.1/ r216063\nstable/8/ r215912\nreleng/8.0/ r216063\nreleng/8.1/ r216063\n- -------------------------------------------------------------------------\n\nVII",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-3864"
},
{
"db": "CERT/CC",
"id": "VU#737740"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "BID",
"id": "44884"
},
{
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "101256"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "96068"
},
{
"db": "PACKETSTORM",
"id": "95943"
},
{
"db": "PACKETSTORM",
"id": "95934"
},
{
"db": "PACKETSTORM",
"id": "96248"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-3864",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#737740",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "42243",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1024743",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42309",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "43312",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "44269",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42336",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42413",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "57353",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42241",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42397",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "42352",
"trust": 1.1
},
{
"db": "BID",
"id": "44884",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-3077",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-3097",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-3121",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-3041",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-3001",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU91284469",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "2010/3097",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3121",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3041",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3077",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-3864",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98419",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101256",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105638",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96068",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95943",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95934",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96248",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#737740"
},
{
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"db": "BID",
"id": "44884"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "101256"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "96068"
},
{
"db": "PACKETSTORM",
"id": "95943"
},
{
"db": "PACKETSTORM",
"id": "95934"
},
{
"db": "PACKETSTORM",
"id": "96248"
},
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"id": "VAR-201011-0251",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.11111111
},
"last_update_date": "2022-06-28T21:16:16.795000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB11-11",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"
},
{
"title": "APSB11-11",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-11.html"
},
{
"title": "HT4723",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4723"
},
{
"title": "HPSBUX02638",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c02737002"
},
{
"title": "secadv_20101116",
"trust": 0.8,
"url": "http://openssl.org/news/secadv_20101116.txt"
},
{
"title": "RHSA-2010:0888",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0888.html"
},
{
"title": "VMSA-2011-0003",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0003.html"
},
{
"title": "Ubuntu Security Notice: openssl vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-1018-1"
},
{
"title": "Debian Security Advisories: DSA-2125-1 openssl -- buffer overflow",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=23cb8e933fce5e73fcc12f7bd731374b"
},
{
"title": "Symantec Security Advisories: SA68 : Multiple SSL/TLS vulnerabilities in Reporter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=79f3486c7600ac3aeeb5401f9ee75fd3"
},
{
"title": "Splunk Security Announcements: Splunk 4.1.6 updates OpenSSL to 0.9.8p address CVE-2010-3864 - December 1st, 2010",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=splunk_security_announcements\u0026qid=a480dd0eb83fa64bb2d868edfd9943df"
},
{
"title": "VMware Security Advisories: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=ea953b0a91a1816979ec1d304d5e3d93"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://secunia.com/advisories/42243"
},
{
"trust": 1.9,
"url": "http://securitytracker.com/id?1024743"
},
{
"trust": 1.5,
"url": "http://www.kb.cert.org/vuls/id/737740"
},
{
"trust": 1.4,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0888.html"
},
{
"trust": 1.4,
"url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"
},
{
"trust": 1.4,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004564"
},
{
"trust": 1.2,
"url": "http://openssl.org/news/secadv_20101116.txt"
},
{
"trust": 1.2,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"
},
{
"trust": 1.2,
"url": "http://security.freebsd.org/advisories/freebsd-sa-10:10.openssl.asc"
},
{
"trust": 1.1,
"url": "http://w3.efi.com/fiery"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-november/051255.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42336"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42352"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42397"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-november/051237.html"
},
{
"trust": 1.1,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-november/051170.html"
},
{
"trust": 1.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668793"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42309"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2010/dsa-2125"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3121"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3041"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42413"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/42241"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/3077"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0003.html"
},
{
"trust": 1.1,
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000101.html"
},
{
"trust": 1.1,
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000102.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43312"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/44269"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c02794777"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4723"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/57353"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3864"
},
{
"trust": 0.8,
"url": "http://www.support.xerox.com/support/docucolor-242-252-260/downloads/enus.html?associatedproduct=fiery-exp260\u0026operatingsystem=win7x64"
},
{
"trust": 0.8,
"url": "https://www.openssl.org/news/vulnerabilities.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu976710"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu91284469/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3864"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/44884"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/3001"
},
{
"trust": 0.5,
"url": "http://www.openssl.org/news/secadv_20101116.txt"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3864"
},
{
"trust": 0.3,
"url": "https://my.stonesoft.com/support/attachment.do?docid=6410\u0026file=ssl-vpn_1.4.5-rlnt.pdf"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03179825"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg400001530"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=isg400001529"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/connections/blogs/psirt/entry/security_bulletin_potential_security_exposure_when_using_ibm_infosphere_streams_due_to_vulnerabilities_in_ibm_java_se_version_6_sdk6?lang=en_us"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa68"
},
{
"trust": 0.3,
"url": "http://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-012.txt.asc"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21637929"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/connections/blogs/psirt/entry/security_bulletin_ibm_tivoli_netcool_system_service_monitors_application_service_monitors_is_affected_by_multiple_openssl_vulnerabilities?lang=en_us"
},
{
"trust": 0.3,
"url": "/archive/1/516801"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100131810"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650623"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643698"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas12088ececb530423186257b410072035e"
},
{
"trust": 0.3,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02794777"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21638022"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/support/docview.wss?uid=swg21619837"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory2.asc"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001560"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24030251"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033501"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643442"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21625170"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21627934"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633107"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635888"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21638669"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21638670"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643439"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643437"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643316"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2939"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/362.html"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/1018-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3556"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1086"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0730"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1088"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1027919"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0307"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0092"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0093"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3548"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1031330"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0084"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3550"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1384"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0003"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0837"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0106"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0107"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2902"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2901"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0091"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0841"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0840"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0291"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2248"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0415"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3559"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1027904"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0093"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0433"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0842"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0082"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0886"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0734"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1157"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0094"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0007"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0850"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2524"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0839"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1087"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3825"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1084"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5416"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1384"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0008"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0088"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0849"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2070"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4308"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2693"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0007"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0084"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5416"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3825"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0410"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1321"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0092"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1437"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0003"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0094"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0847"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0740"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0082"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0437"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0844"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2066"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0089"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0087"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0087"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1029353"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0846"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2226"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1173"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0008"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1641"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0106"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0845"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2521"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3081"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0843"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4180"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0014"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4252"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ssl/ssl.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0742"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4355"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2939"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0740"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3245"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3245"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0014"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4355"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4252"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8g-15+lenny9_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny9_mips.udeb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny9_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8g-15+lenny9_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8g-15+lenny9_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-10:10/openssl.patch"
},
{
"trust": 0.1,
"url": "http://www.freebsd.org/handbook/makeworld.html\u003e"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://www.mail-archive.com/openssl-dev@openssl.org/msg28043.html"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-10:10/openssl7.patch"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-10:10/openssl7.patch.asc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2939"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-10:10/openssl.patch.asc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#737740"
},
{
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"db": "BID",
"id": "44884"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "101256"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "96068"
},
{
"db": "PACKETSTORM",
"id": "95943"
},
{
"db": "PACKETSTORM",
"id": "95934"
},
{
"db": "PACKETSTORM",
"id": "96248"
},
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#737740"
},
{
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"db": "BID",
"id": "44884"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "101256"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "96068"
},
{
"db": "PACKETSTORM",
"id": "95943"
},
{
"db": "PACKETSTORM",
"id": "95934"
},
{
"db": "PACKETSTORM",
"id": "96248"
},
{
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-18T00:00:00",
"db": "CERT/CC",
"id": "VU#737740"
},
{
"date": "2010-11-17T00:00:00",
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"date": "2010-11-16T00:00:00",
"db": "BID",
"id": "44884"
},
{
"date": "2010-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"date": "2011-02-11T13:13:00",
"db": "PACKETSTORM",
"id": "98419"
},
{
"date": "2011-05-10T00:44:30",
"db": "PACKETSTORM",
"id": "101256"
},
{
"date": "2011-10-09T16:42:00",
"db": "PACKETSTORM",
"id": "105638"
},
{
"date": "2010-11-23T19:08:44",
"db": "PACKETSTORM",
"id": "96068"
},
{
"date": "2010-11-18T01:04:10",
"db": "PACKETSTORM",
"id": "95943"
},
{
"date": "2010-11-18T00:30:27",
"db": "PACKETSTORM",
"id": "95934"
},
{
"date": "2010-12-01T04:32:28",
"db": "PACKETSTORM",
"id": "96248"
},
{
"date": "2010-11-17T16:00:00",
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-02T00:00:00",
"db": "CERT/CC",
"id": "VU#737740"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULMON",
"id": "CVE-2010-3864"
},
{
"date": "2015-04-13T20:36:00",
"db": "BID",
"id": "44884"
},
{
"date": "2012-06-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002486"
},
{
"date": "2018-10-10T20:05:00",
"db": "NVD",
"id": "CVE-2010-3864"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "44884"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#737740"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "44884"
}
],
"trust": 0.3
}
}
var-200609-0837
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:207 http://www.mandriva.com/security/
Package : bind Date : November 14, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem (CVE-2006-4339). BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record types, new RSASHA1 and RSAMD5 keys need to be generated using the "-e" option of dnssec-keygen, if the current keys were generated using the default exponent of 3.
You are able to determine if your keys are vulnerable by looking at the algorithm (1 or 5) and the first three characters of the Base64 encoded RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start with "AQM", "AQN", "AQO", or "AQP" are vulnerable.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445
Updated Packages:
Mandriva Linux 2006.0: 1035f92172986ed63ca035de0603a0fd 2006.0/i586/bind-9.3.1-4.2.20060mdk.i586.rpm 4f5949d85f13c68220f4f5f030f63849 2006.0/i586/bind-devel-9.3.1-4.2.20060mdk.i586.rpm f201e05548b673268038e95225451085 2006.0/i586/bind-utils-9.3.1-4.2.20060mdk.i586.rpm 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 83b6c31bef9e4df229e2fe5cf8c3aa2a 2006.0/x86_64/bind-9.3.1-4.2.20060mdk.x86_64.rpm fb03e9a493645041816c206267a052f4 2006.0/x86_64/bind-devel-9.3.1-4.2.20060mdk.x86_64.rpm f54babadfba3ec593563724208df1eaa 2006.0/x86_64/bind-utils-9.3.1-4.2.20060mdk.x86_64.rpm 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm
Mandriva Linux 2007.0: 6c282a7b5c3cfec534e2557926005bbf 2007.0/i586/bind-9.3.2-8.1mdv2007.0.i586.rpm 03390448f140777d62cdd76e50361526 2007.0/i586/bind-devel-9.3.2-8.1mdv2007.0.i586.rpm 7546dc98ff5e8061636a3a75d6b318fb 2007.0/i586/bind-utils-9.3.2-8.1mdv2007.0.i586.rpm 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: c190d522505a16aa97891f525e0034a4 2007.0/x86_64/bind-9.3.2-8.1mdv2007.0.x86_64.rpm 594cacdac86db81b0c62a7380c6a3a2d 2007.0/x86_64/bind-devel-9.3.2-8.1mdv2007.0.x86_64.rpm e827e65717615868896e43bcb4856f2d 2007.0/x86_64/bind-utils-9.3.2-8.1mdv2007.0.x86_64.rpm 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm
Corporate 3.0: fa096b2fac1840797e382ba61728d47e corporate/3.0/i586/bind-9.2.3-6.2.C30mdk.i586.rpm 0f1e56f1f3a2689443c04b52d8ce5545 corporate/3.0/i586/bind-devel-9.2.3-6.2.C30mdk.i586.rpm 99bf1f4127e97b8941b597aa5e19aa0a corporate/3.0/i586/bind-utils-9.2.3-6.2.C30mdk.i586.rpm 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm
Corporate 3.0/X86_64: e74bea44aee406d11c87227584790c26 corporate/3.0/x86_64/bind-9.2.3-6.2.C30mdk.x86_64.rpm b108edf227b55f3af3ab55b48c23a62a corporate/3.0/x86_64/bind-devel-9.2.3-6.2.C30mdk.x86_64.rpm ba548cbba992f479ad40ecf0808f36cb corporate/3.0/x86_64/bind-utils-9.2.3-6.2.C30mdk.x86_64.rpm 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm
Corporate 4.0: 8bfc97510d4f07568d64c9b9872b4bba corporate/4.0/i586/bind-9.3.2-7.1.20060mlcs4.i586.rpm dda709703f8bf05f1ff59ae6132a81a7 corporate/4.0/i586/bind-devel-9.3.2-7.1.20060mlcs4.i586.rpm daf59d23abaaaf62c990d2fa1155688c corporate/4.0/i586/bind-utils-9.3.2-7.1.20060mlcs4.i586.rpm ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 3d1bbe1e7d4f2de6e546996e181a16b0 corporate/4.0/x86_64/bind-9.3.2-7.1.20060mlcs4.x86_64.rpm c1b8467d62623ef5daf35a696ab2389e corporate/4.0/x86_64/bind-devel-9.3.2-7.1.20060mlcs4.x86_64.rpm 83cf57110f107c450aaac5931ee52ecb corporate/4.0/x86_64/bind-utils-9.3.2-7.1.20060mlcs4.x86_64.rpm ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm
Multi Network Firewall 2.0: abd228e7f0b762ae8c11c8ecd90200c2 mnf/2.0/i586/bind-9.2.3-6.2.M20mdk.i586.rpm dd7b0785e31880a09d10957695c0552d mnf/2.0/i586/bind-devel-9.2.3-6.2.M20mdk.i586.rpm 0a2052e5f263b8b8d94111a581928c57 mnf/2.0/i586/bind-utils-9.2.3-6.2.M20mdk.i586.rpm eff2c78779b4285783ffea14e6e33c31 mnf/2.0/SRPMS/bind-9.2.3-6.2.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFWlnDmqjQ0CJFipgRAvl+AKCd5q51CkdHf1UnUJ4imb9Fzl5mZQCfaW5Z 6faoicEmIFqGW4QuEVIhCbU= =bI0u -----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: OpenOffice.org 2 Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA38567
VERIFY ADVISORY: http://secunia.com/advisories/38567/
DESCRIPTION: Some vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a user's system.
For more information: SA38568
SOLUTION: Upgrade to version 3.2.
ORIGINAL ADVISORY: http://www.openoffice.org/security/cves/CVE-2006-4339.html http://www.openoffice.org/security/cves/CVE-2009-0217.html http://www.openoffice.org/security/cves/CVE-2009-2949.html http://www.openoffice.org/security/cves/CVE-2009-2950.html http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html
OTHER REFERENCES: SA38568: http://secunia.com/advisories/38568/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0837",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com\u203bVicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es\u203bAlexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:207\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : bind\n Date : November 14, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n The BIND DNS server is vulnerable to the recently-discovered OpenSSL\n RSA signature verification problem (CVE-2006-4339). BIND uses RSA\n cryptography as part of its DNSSEC implementation. As a result, to\n resolve the security issue, these packages need to be upgraded and for\n both KEY and DNSKEY record types, new RSASHA1 and RSAMD5 keys need to\n be generated using the \"-e\" option of dnssec-keygen, if the current\n keys were generated using the default exponent of 3. \n\n You are able to determine if your keys are vulnerable by looking at the\n algorithm (1 or 5) and the first three characters of the Base64 encoded\n RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start with \"AQM\", \"AQN\",\n \"AQO\", or \"AQP\" are vulnerable. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 1035f92172986ed63ca035de0603a0fd 2006.0/i586/bind-9.3.1-4.2.20060mdk.i586.rpm\n 4f5949d85f13c68220f4f5f030f63849 2006.0/i586/bind-devel-9.3.1-4.2.20060mdk.i586.rpm\n f201e05548b673268038e95225451085 2006.0/i586/bind-utils-9.3.1-4.2.20060mdk.i586.rpm \n 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 83b6c31bef9e4df229e2fe5cf8c3aa2a 2006.0/x86_64/bind-9.3.1-4.2.20060mdk.x86_64.rpm\n fb03e9a493645041816c206267a052f4 2006.0/x86_64/bind-devel-9.3.1-4.2.20060mdk.x86_64.rpm\n f54babadfba3ec593563724208df1eaa 2006.0/x86_64/bind-utils-9.3.1-4.2.20060mdk.x86_64.rpm \n 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 6c282a7b5c3cfec534e2557926005bbf 2007.0/i586/bind-9.3.2-8.1mdv2007.0.i586.rpm\n 03390448f140777d62cdd76e50361526 2007.0/i586/bind-devel-9.3.2-8.1mdv2007.0.i586.rpm\n 7546dc98ff5e8061636a3a75d6b318fb 2007.0/i586/bind-utils-9.3.2-8.1mdv2007.0.i586.rpm \n 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n c190d522505a16aa97891f525e0034a4 2007.0/x86_64/bind-9.3.2-8.1mdv2007.0.x86_64.rpm\n 594cacdac86db81b0c62a7380c6a3a2d 2007.0/x86_64/bind-devel-9.3.2-8.1mdv2007.0.x86_64.rpm\n e827e65717615868896e43bcb4856f2d 2007.0/x86_64/bind-utils-9.3.2-8.1mdv2007.0.x86_64.rpm \n 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n fa096b2fac1840797e382ba61728d47e corporate/3.0/i586/bind-9.2.3-6.2.C30mdk.i586.rpm\n 0f1e56f1f3a2689443c04b52d8ce5545 corporate/3.0/i586/bind-devel-9.2.3-6.2.C30mdk.i586.rpm\n 99bf1f4127e97b8941b597aa5e19aa0a corporate/3.0/i586/bind-utils-9.2.3-6.2.C30mdk.i586.rpm \n 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n e74bea44aee406d11c87227584790c26 corporate/3.0/x86_64/bind-9.2.3-6.2.C30mdk.x86_64.rpm\n b108edf227b55f3af3ab55b48c23a62a corporate/3.0/x86_64/bind-devel-9.2.3-6.2.C30mdk.x86_64.rpm\n ba548cbba992f479ad40ecf0808f36cb corporate/3.0/x86_64/bind-utils-9.2.3-6.2.C30mdk.x86_64.rpm \n 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm\n\n Corporate 4.0:\n 8bfc97510d4f07568d64c9b9872b4bba corporate/4.0/i586/bind-9.3.2-7.1.20060mlcs4.i586.rpm\n dda709703f8bf05f1ff59ae6132a81a7 corporate/4.0/i586/bind-devel-9.3.2-7.1.20060mlcs4.i586.rpm\n daf59d23abaaaf62c990d2fa1155688c corporate/4.0/i586/bind-utils-9.3.2-7.1.20060mlcs4.i586.rpm \n ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 3d1bbe1e7d4f2de6e546996e181a16b0 corporate/4.0/x86_64/bind-9.3.2-7.1.20060mlcs4.x86_64.rpm\n c1b8467d62623ef5daf35a696ab2389e corporate/4.0/x86_64/bind-devel-9.3.2-7.1.20060mlcs4.x86_64.rpm\n 83cf57110f107c450aaac5931ee52ecb corporate/4.0/x86_64/bind-utils-9.3.2-7.1.20060mlcs4.x86_64.rpm \n ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n abd228e7f0b762ae8c11c8ecd90200c2 mnf/2.0/i586/bind-9.2.3-6.2.M20mdk.i586.rpm\n dd7b0785e31880a09d10957695c0552d mnf/2.0/i586/bind-devel-9.2.3-6.2.M20mdk.i586.rpm\n 0a2052e5f263b8b8d94111a581928c57 mnf/2.0/i586/bind-utils-9.2.3-6.2.M20mdk.i586.rpm \n eff2c78779b4285783ffea14e6e33c31 mnf/2.0/SRPMS/bind-9.2.3-6.2.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFWlnDmqjQ0CJFipgRAvl+AKCd5q51CkdHf1UnUJ4imb9Fzl5mZQCfaW5Z\n6faoicEmIFqGW4QuEVIhCbU=\n=bI0u\n-----END PGP SIGNATURE-----\n\n. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOpenOffice.org 2 Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA38567\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38567/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in OpenOffice.org, which can\nbe exploited by malicious people to bypass certain security\nrestrictions, conduct spoofing attacks, or compromise a user\u0027s\nsystem. \n\nFor more information:\nSA38568\n\nSOLUTION:\nUpgrade to version 3.2. \n\nORIGINAL ADVISORY:\nhttp://www.openoffice.org/security/cves/CVE-2006-4339.html\nhttp://www.openoffice.org/security/cves/CVE-2009-0217.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2949.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2950.html\nhttp://www.openoffice.org/security/cves/CVE-2009-3301-3302.html\n\nOTHER REFERENCES:\nSA38568:\nhttp://secunia.com/advisories/38568/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "PACKETSTORM",
"id": "86234"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "52186",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86234",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "PACKETSTORM",
"id": "86234"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-0837",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32525984999999996
},
"last_update_date": "2024-05-17T22:22:44.985000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OOo_3.2.1_Win_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3189"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3193"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3192"
},
{
"title": "OOo_3.2.1_Linux_x86_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3191"
},
{
"title": "OOo_3.2.0_Solaris_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3195"
},
{
"title": "OOo_3.2.1_Linux_x86_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3190"
},
{
"title": "OOo_3.2.0_MacOS_x86_install_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3194"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.4,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-0217.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-3301-3302.html"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2950.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2949.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38567/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "PACKETSTORM",
"id": "86234"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "PACKETSTORM",
"id": "86234"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-11-16T16:32:32",
"db": "PACKETSTORM",
"id": "52186"
},
{
"date": "2010-02-12T13:01:15",
"db": "PACKETSTORM",
"id": "86234"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
}
}
var-200609-0995
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: OpenOffice.org 3 Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA38568
VERIFY ADVISORY: http://secunia.com/advisories/38568/
DESCRIPTION: Some vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a user's system.
1) The included libxml2 library fails to properly verify signatures.
This is related to: SA21709
2) An error in the included libxmlsec library can be exploited to potentially forge a valid signature.
For more information: SA35854
3) An error in the included MSVC Runtime package can be exploited to bypass certain security features.
For more information see vulnerability #2 in: SA35967
4) An error in the processing XPM files can be exploited to potentially execute arbitrary code.
5) An error in the processing GIF files can be exploited to potentially execute arbitrary code.
6) An error in the processing of Word documents can be exploited to potentially execute arbitrary code.
SOLUTION: Update to version 3.2.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 4) Sebastian Apelt of siberas 5) Frank Rei\xdfner and Sebastian Apelt of siberas 6) Nicolas Joly of Vupen
ORIGINAL ADVISORY: http://www.openoffice.org/security/cves/CVE-2006-4339.html http://www.openoffice.org/security/cves/CVE-2009-0217.html http://www.openoffice.org/security/cves/CVE-2009-2493.html http://www.openoffice.org/security/cves/CVE-2009-2949.html http://www.openoffice.org/security/cves/CVE-2009-2950.html http://www.openoffice.org/security/cves/CVE-2009-3301-3302.html
OTHER REFERENCES: SA21709: http://secunia.com/advisories/21709/
SA35854: http://secunia.com/advisories/35854/
SA35967: http://secunia.com/advisories/35967/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00794048 Version: 1
HPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2006-10-31 Last Updated: 2006-10-31
Potential Security Impact: Remote Unauthorized access
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access.
References: CVE-2006-4339
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.04 running Virtualvault 4.7 or Virtualvault 4.6 or Virtualvault 4.5 or HP WebProxy.
BACKGROUND
The OpenSSL community has released OpenSSL 0.9.7.k version superseding the OpenSSL 0.9.7i release that was identified in the CVE report.
Note: To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
HP-UX B.11.04 Virtualvault A.04.70
VaultWS.WS-CORE VaultTS.VV-IWS VaultTS.VV-CORE-CMN VaultTGP.TGP-CORE action: install PHSS_35463, PHSS_35460, PHSS_35481 or subsequent
HP-UX B.11.04 Virtualvault A.04.70 (Apache 2.X)
VaultWS.WS-CORE action: install PHSS_35436 or subsequent
HP-UX B.11.04 Virtualvault A.04.60
VaultWS.WS-CORE VaultTS.VV-IWS VaultTS.VV-CORE-CMN VaultTGP.TGP-CORE action: install PHSS_35462, PHSS_35459, PHSS_35480 or subsequent
HP-UX B.11.04 Virtualvault A.04.50
VaultWS.WS-CORE VaultTS.VV-IWS VaultTS.VV-IWS-JK VaultTS.VV-CORE-CMN action: install PHSS_35461, PHSS_35458 or subsequent
HP-UX B.11.04 HP Webproxy A.02.10 (Apache 2.x)
HP_Webproxy.HPWEB-PX-CORE action: install PHSS_35437 or subsequent
HP-UX B.11.04 HP Webproxy A.02.10 (Apache 1.x)
HP_Webproxy.HPWEB-PX-CORE action: install PHSS_35111 or subsequent
HP-UX B.11.04 HP Webproxy A.02.00
HP_Webproxy.HPWEB-PX-CORE action: install PHSS_35110 or subsequent
END AFFECTED VERSIONS
RESOLUTION
HP is making the following patches available to resolve this issue. The patches are available for download from http://itrc.hp.com
For B.11.04 HP has made the following patches available: PHSS_35463 Virtualvault 4.7 OWS (Apache 1.x) update PHSS_35460 Virtualvault 4.7 IWS update PHSS_35481 Virtualvault 4.7 TGP update PHSS_35436 Virtualvault 4.7 OWS (Apache 2.x) update PHSS_35462 Virtualvault 4.6 OWS update PHSS_35459 Virtualvault 4.6 IWS update PHSS_35480 Virtualvault 4.6 TGP update PHSS_35461 Virtualvault 4.5 OWS update PHSS_35458 Virtualvault 4.5 IWS update PHSS_35437 Webproxy server 2.1 (Apache 2.x) update PHSS_35111 Webproxy server 2.1 (Apache 1.x) update PHSS_35110 Webproxy server 2.0 update
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
MANUAL ACTIONS: No
HISTORY Version: 1 (rev.1) 31 October 2006 Initial release
Third Party Security Patches: Third Party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com. It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA& langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
-
The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW, MA = HP Management Agents, MI = Misc. 3rd party SW, MP = HP MPE/iX, NS = HP NonStop Servers, OV = HP OpenVMS, PI = HP Printing & Imaging, ST = HP Storage SW, TL = HP Trusted Linux, TU = HP Tru64 UNIX, UX = HP-UX, VV = HP Virtual Vault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
(c)Copyright 2006 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0995",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOpenOffice.org 3 Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA38568\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38568/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in OpenOffice.org, which can\nbe exploited by malicious people to bypass certain security\nrestrictions, conduct spoofing attacks, or compromise a user\u0027s\nsystem. \n\n1) The included libxml2 library fails to properly verify signatures. \n\nThis is related to:\nSA21709\n\n2) An error in the included libxmlsec library can be exploited to\npotentially forge a valid signature. \n\nFor more information:\nSA35854\n\n3) An error in the included MSVC Runtime package can be exploited to\nbypass certain security features. \n\nFor more information see vulnerability #2 in:\nSA35967\n\n4) An error in the processing XPM files can be exploited to\npotentially execute arbitrary code. \n\n5) An error in the processing GIF files can be exploited to\npotentially execute arbitrary code. \n\n6) An error in the processing of Word documents can be exploited to\npotentially execute arbitrary code. \n\nSOLUTION:\nUpdate to version 3.2. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n4) Sebastian Apelt of siberas\n5) Frank Rei\\xdfner and Sebastian Apelt of siberas\n6) Nicolas Joly of Vupen\n\nORIGINAL ADVISORY:\nhttp://www.openoffice.org/security/cves/CVE-2006-4339.html\nhttp://www.openoffice.org/security/cves/CVE-2009-0217.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2493.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2949.html\nhttp://www.openoffice.org/security/cves/CVE-2009-2950.html\nhttp://www.openoffice.org/security/cves/CVE-2009-3301-3302.html\n\nOTHER REFERENCES:\nSA21709:\nhttp://secunia.com/advisories/21709/\n\nSA35854:\nhttp://secunia.com/advisories/35854/\n\nSA35967:\nhttp://secunia.com/advisories/35967/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00794048\nVersion: 1\n\nHPSBUX02165 SSRT061266 rev.1 - HP-UX VirtualVault Remote Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2006-10-31\nLast Updated: 2006-10-31\n\n\nPotential Security Impact: Remote Unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA security vulnerability has been identified in OpenSSL used in HP VirtualVault 4.7, 4.6, 4.5 and HP WebProxy that may allow remote unauthorized access. \n\nReferences: CVE-2006-4339\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.04 running Virtualvault 4.7 or Virtualvault 4.6 or Virtualvault 4.5 or HP WebProxy. \n\nBACKGROUND\n\nThe OpenSSL community has released OpenSSL 0.9.7.k version superseding the OpenSSL 0.9.7i release that was identified in the CVE report. \n\nNote: To determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nHP-UX B.11.04 Virtualvault A.04.70 \n=========================== \nVaultWS.WS-CORE \nVaultTS.VV-IWS \nVaultTS.VV-CORE-CMN \nVaultTGP.TGP-CORE \naction: install PHSS_35463, PHSS_35460, PHSS_35481 or subsequent \n\nHP-UX B.11.04 Virtualvault A.04.70 (Apache 2.X) \n==================================== \nVaultWS.WS-CORE \naction: install PHSS_35436 or subsequent \n\nHP-UX B.11.04 Virtualvault A.04.60 \n=========================== \nVaultWS.WS-CORE \nVaultTS.VV-IWS \nVaultTS.VV-CORE-CMN \nVaultTGP.TGP-CORE \naction: install PHSS_35462, PHSS_35459, PHSS_35480 or subsequent \n\nHP-UX B.11.04 Virtualvault A.04.50 \n=========================== \nVaultWS.WS-CORE \nVaultTS.VV-IWS \nVaultTS.VV-IWS-JK \nVaultTS.VV-CORE-CMN \naction: install PHSS_35461, PHSS_35458 or subsequent \n\nHP-UX B.11.04 HP Webproxy A.02.10 (Apache 2.x) \n============================ \nHP_Webproxy.HPWEB-PX-CORE \naction: install PHSS_35437 or subsequent \n\nHP-UX B.11.04 HP Webproxy A.02.10 (Apache 1.x) \n============================ \nHP_Webproxy.HPWEB-PX-CORE \naction: install PHSS_35111 or subsequent \n\nHP-UX B.11.04 HP Webproxy A.02.00 \n============================ \nHP_Webproxy.HPWEB-PX-CORE \naction: install PHSS_35110 or subsequent \n\nEND AFFECTED VERSIONS \n\n\n\nRESOLUTION\n\nHP is making the following patches available to resolve this issue. \nThe patches are available for download from http://itrc.hp.com \n\nFor B.11.04 HP has made the following patches available: \nPHSS_35463 Virtualvault 4.7 OWS (Apache 1.x) update \nPHSS_35460 Virtualvault 4.7 IWS update \nPHSS_35481 Virtualvault 4.7 TGP update \nPHSS_35436 Virtualvault 4.7 OWS (Apache 2.x) update \nPHSS_35462 Virtualvault 4.6 OWS update \nPHSS_35459 Virtualvault 4.6 IWS update \nPHSS_35480 Virtualvault 4.6 TGP update \nPHSS_35461 Virtualvault 4.5 OWS update \nPHSS_35458 Virtualvault 4.5 IWS update \nPHSS_35437 Webproxy server 2.1 (Apache 2.x) update \nPHSS_35111 Webproxy server 2.1 (Apache 1.x) update \nPHSS_35110 Webproxy server 2.0 update \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA \n\nMANUAL ACTIONS: No \n\nHISTORY Version: 1 (rev.1) 31 October 2006 Initial release \n\nThird Party Security Patches: Third Party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services\nsupport channel. \n\nReport: To report a potential security vulnerability with any HP\nsupported product, send Email to: security-alert@hp.com. It is\nstrongly recommended that security related information being\ncommunicated to HP be encrypted using PGP, especially exploit\ninformation. To get the security-alert PGP key, please send an\ne-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP\nSecurity Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026\nlangcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\n\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and\n continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and\n save. \n\nTo update an existing subscription:\nhttp://h30046.www3.hp.com/subSignIn.php\nLog in on the web page:\n Subscriber\u0027s choice for Business: sign-in. \nOn the web page:\n Subscriber\u0027s Choice: your profile summary\n - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit:\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters of the\nBulletin number in the title:\n\n GN = HP General SW,\n MA = HP Management Agents,\n MI = Misc. 3rd party SW,\n MP = HP MPE/iX,\n NS = HP NonStop Servers,\n OV = HP OpenVMS,\n PI = HP Printing \u0026 Imaging,\n ST = HP Storage SW,\n TL = HP Trusted Linux,\n TU = HP Tru64 UNIX,\n UX = HP-UX,\n VV = HP Virtual Vault\n\n\nSystem management and security procedures must be reviewed\nfrequently to maintain system integrity. HP is continually\nreviewing and enhancing the security features of software products\nto provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to\nbring to the attention of users of the affected HP products the\nimportant security information contained in this Bulletin. HP\nrecommends that all users determine the applicability of this\ninformation to their individual situations and take appropriate\naction. HP does not warrant that this information is necessarily\naccurate or complete for all user situations and, consequently, HP\nwill not be responsible for any damages resulting from user\u0027s use\nor disregard of the information provided in this Bulletin. To the\nextent permitted by law, HP disclaims all warranties, either\nexpress or implied, including the warranties of merchantability\nand fitness for a particular purpose, title and non-infringement.\"\n\n\n(c)Copyright 2006 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or\neditorial errors or omissions contained herein. The information\nprovided is provided \"as is\" without warranty of any kind. To the\nextent permitted by law, neither HP nor its affiliates,\nsubcontractors or suppliers will be liable for incidental, special\nor consequential damages including downtime cost; lost profits;\ndamages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. \nThe information in this document is subject to change without\nnotice. Hewlett-Packard Company and the names of Hewlett-Packard\nproducts referenced herein are trademarks of Hewlett-Packard\nCompany in the United States and other countries. Other product\nand company names mentioned herein may be trademarks of their\nrespective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "PACKETSTORM",
"id": "51624"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 1.6
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.2
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86249",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51624",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "PACKETSTORM",
"id": "51624"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-0995",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32525984999999996
},
"last_update_date": "2024-03-07T21:38:05.856000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.4,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.4,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2493.html"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-0217.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38568/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35854/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-3301-3302.html"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2950.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.openoffice.org/security/cves/cve-2009-2949.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35967/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "PACKETSTORM",
"id": "51624"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "86249"
},
{
"db": "PACKETSTORM",
"id": "51624"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2010-02-12T15:35:11",
"db": "PACKETSTORM",
"id": "86249"
},
{
"date": "2006-11-03T02:10:30",
"db": "PACKETSTORM",
"id": "51624"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
var-200110-0169
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security/ http://www.openpkg.org openpkg-security@openpkg.org openpkg@openpkg.org OpenPKG-SA-2006.021 28-Sep-2006
Package: openssl Vulnerability: denial of service OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages: OpenPKG CURRENT <= openssl-0.9.8c-20060905 >= openssl-0.9.8d-20060928 OpenPKG 2-STABLE <= openssl-0.9.8c-2.20060906 >= openssl-0.9.8d-2.20060928 OpenPKG 2.5-RELEASE <= openssl-0.9.8a-2.5.2 >= openssl-0.9.8a-2.5.3
Description: According to a vendor security advisory [0], four security issues were discovered in the cryptography and SSL/TLS toolkit OpenSSL [1]:
-
ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2937 [2] to the problem.
-
ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2940 [3] to the problem.
-
SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-3780 [4] to the problem.
-
SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-4343 [5] to the problem.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory.
-----BEGIN PGP SIGNATURE----- Comment: OpenPKG openpkg@openpkg.org
iD8DBQFFG88pgHWT4GPEy58RAh8TAJ4/zpIxAmBkivnMe5QzGxHrJHhkbwCg15li sTSkwWgrJGLza3OQ/yQJSfs= =qyrR -----END PGP SIGNATURE----- . (CVE-2006-4343)
Updated packages are patched to address these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0169",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n________________________________________________________________________\n\nOpenPKG Security Advisory The OpenPKG Project\nhttp://www.openpkg.org/security/ http://www.openpkg.org\nopenpkg-security@openpkg.org openpkg@openpkg.org\nOpenPKG-SA-2006.021 28-Sep-2006\n________________________________________________________________________\n\nPackage: openssl\nVulnerability: denial of service\nOpenPKG Specific: no\n\nAffected Releases: Affected Packages: Corrected Packages:\nOpenPKG CURRENT \u003c= openssl-0.9.8c-20060905 \u003e= openssl-0.9.8d-20060928\nOpenPKG 2-STABLE \u003c= openssl-0.9.8c-2.20060906 \u003e= openssl-0.9.8d-2.20060928\nOpenPKG 2.5-RELEASE \u003c= openssl-0.9.8a-2.5.2 \u003e= openssl-0.9.8a-2.5.3\n\nDescription:\n According to a vendor security advisory [0], four security issues\n were discovered in the cryptography and SSL/TLS toolkit OpenSSL [1]:\n\n 1. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. The Common Vulnerabilities and Exposures\n (CVE) project assigned the id CVE-2006-2937 [2] to the problem. \n\n 2. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack. The Common Vulnerabilities and Exposures (CVE)\n project assigned the id CVE-2006-2940 [3] to the problem. \n\n 3. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. The\n Common Vulnerabilities and Exposures (CVE) project assigned the id\n CVE-2006-3780 [4] to the problem. \n\n 4. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. The\n Common Vulnerabilities and Exposures (CVE) project assigned the id\n CVE-2006-4343 [5] to the problem. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. \n________________________________________________________________________\n\n-----BEGIN PGP SIGNATURE-----\nComment: OpenPKG \u003copenpkg@openpkg.org\u003e\n\niD8DBQFFG88pgHWT4GPEy58RAh8TAJ4/zpIxAmBkivnMe5QzGxHrJHhkbwCg15li\nsTSkwWgrJGLza3OQ/yQJSfs=\n=qyrR\n-----END PGP SIGNATURE-----\n. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200110-0169",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-03T21:14:47.666000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
var-200705-0681
Vulnerability from variot
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer.". Apache is prone to multiple denial-of-service vulnerabilities. An attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible.
A vulnerability was found in the Apache mod_cache module that could cause the httpd server child process to crash if it was sent a carefully crafted request. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01182588 Version: 1
HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-10 Last Updated: 2007-10-10
Potential Security Impact: Remote Unauthorized Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2007-3847, CVE-2007-3304
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00
BACKGROUND
To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended action has been taken.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01 hpuxwsAPACHE,revision=B.2.0.59.00
action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability.
OS Release Depot name MD5 Sum
B.11.11 (IPv4) HPUXWSA-B218-01-1111ipv4.depot eb3bb933baac0f05e1e0809ef1e84eb2
B.11.11 (IPv6) HPUXWSA-B218-01-1111ipv6.depot 540a56b155699336bcbfac0eaf87e3ce
B.11.23 PA-32 HPUXWSA-B218-01-1123-32.depot 2900a0cbea01b6905dc768680fbd5381
B.11.23 IA-64 HPUXWSA-B218-01-1123-64.depot 3be084d96e8a509692e37c71c0184014
B.11.31 PA-32 HPUXWSA-B218-01-1131-32.depot 861122eef70f1b53d68c5adafc64cdb5
B.11.31 IA-64 HPUXWSA-B218-01-1131-64.depot 8dc57222257fe27fb5994da16e91f9a4
The updates are available from: ftp://ssrt1476:ssrt1476@hprc.external.hp.com/ ftp://ssrt1476:ssrt1476@192.170.19.100/
MANUAL ACTIONS: Yes - Update Install Apache 2.0.59.00.0 or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 10 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux
TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy 7CP41v96ckMOtfU4yeG76pv2 =VMzd -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2009-0010 Synopsis: VMware Hosted products update libpng and Apache HTTP Server Issue date: 2009-08-20 Updated on: 2009-08-20 (initial release of advisory) CVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863 CVE-2006-5752 CVE-2007-3304 CVE-2007-6388 CVE-2007-5000 CVE-2008-0005
- Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200705-0681",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.37 and earlier"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)5.0"
},
{
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)4.2"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "ses",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "intuity lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.021"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.017"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "software foundation mpm prefork",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "software foundation apache 2.3.38-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache 2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24215"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Blazej Miga",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3304",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.4,
"id": "CVE-2007-3304",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3304",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3304",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-316",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2007-3304",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka \"SIGUSR1 killer.\". Apache is prone to multiple denial-of-service vulnerabilities. \nAn attacker with the ability to execute arbitrary server-side script-code can exploit these issues to stop arbitrary services on the affected computer in the context of the master webserver process; other attacks may also be possible. \n \n A vulnerability was found in the Apache mod_cache module that could\n cause the httpd server child process to crash if it was sent a\n carefully crafted request. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01182588\nVersion: 1\n\nHPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-10\nLast Updated: 2007-10-10\n\nPotential Security Impact: Remote Unauthorized Denial of Service (DoS) \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2007-3847, CVE-2007-3304\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00\n\nBACKGROUND\n\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended action has been taken. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \nhpuxwsAPACHE,revision=B.2.0.59.00 \n\naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \n\nOS Release \n Depot name \n MD5 Sum \n \nB.11.11 (IPv4)\n HPUXWSA-B218-01-1111ipv4.depot\n eb3bb933baac0f05e1e0809ef1e84eb2\n \nB.11.11 (IPv6) \n HPUXWSA-B218-01-1111ipv6.depot\n 540a56b155699336bcbfac0eaf87e3ce\n \nB.11.23 PA-32\n HPUXWSA-B218-01-1123-32.depot\n 2900a0cbea01b6905dc768680fbd5381\n \nB.11.23 IA-64\n HPUXWSA-B218-01-1123-64.depot\n 3be084d96e8a509692e37c71c0184014\n \nB.11.31 PA-32\n HPUXWSA-B218-01-1131-32.depot\n 861122eef70f1b53d68c5adafc64cdb5\n \nB.11.31 IA-64\n HPUXWSA-B218-01-1131-64.depot\n 8dc57222257fe27fb5994da16e91f9a4\n \n\nThe updates are available from: \nftp://ssrt1476:ssrt1476@hprc.external.hp.com/ \nftp://ssrt1476:ssrt1476@192.170.19.100/ \n\nMANUAL ACTIONS: Yes - Update \nInstall Apache 2.0.59.00.0 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 10 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n -verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS \nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\n\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy\n7CP41v96ckMOtfU4yeG76pv2\n=VMzd\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2009-0010\nSynopsis: VMware Hosted products update libpng and Apache HTTP\n Server\nIssue date: 2009-08-20\nUpdated on: 2009-08-20 (initial release of advisory)\nCVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863\n CVE-2006-5752 CVE-2007-3304 CVE-2007-6388\n CVE-2007-5000 CVE-2008-0005\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3304",
"trust": 3.4
},
{
"db": "BID",
"id": "24215",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2007-3100",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4305",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3494",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26211",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26759",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28212",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28224",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26790",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27209",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27121",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26611",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25827",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.7
},
{
"db": "SREASON",
"id": "2814",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "38939",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018304",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-3304",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57507",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"id": "VAR-200705-0681",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2024-11-29T21:27:08.901000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 1.3.39-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.39-dev"
},
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Revision 551843",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?view=markup"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01182588"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02273.html"
},
{
"title": "PK50467",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK50467"
},
{
"title": "PK55141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK55141"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "httpd (V3.0/V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1093"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0532.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0556.html"
},
{
"title": "RHSA-2007:0662",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0662.html"
},
{
"title": "103179",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0532J.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0556J.html"
},
{
"title": "RHSA-2007:0662",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0662J.html"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
},
{
"title": "Apache HTTP Server Worker Repair measures for multiple local denial of service vulnerabilities in the process",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=145950"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-499-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2007-3304 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/24215"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-363.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk53984"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 2.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "http://security.psnc.pl/files/apache_report.pdf"
},
{
"trust": 1.7,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111"
},
{
"trust": 1.7,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=547987"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1710"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk50467\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:142"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0662.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018304"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25827"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26211"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26611"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26759"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26790"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27121"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27209"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2814"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28212"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28224"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01182588"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3494"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3100"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3420"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4305"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.7,
"url": "http://osvdb.org/38939"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35095"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11589"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/471832/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/469899/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=118252946632447\u0026w=2"
},
{
"trust": 1.1,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-p.asc"
},
{
"trust": 1.0,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.ga15192%40redhat.com%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3304"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev/200706.mbox/%3c20070629141032.ga15192@redhat.com%3e"
},
{
"trust": 0.6,
"url": "http://mail-archives.apache.org/mod_mbox/"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev\u0026m=118252946632447\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.info/?l=apache-"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-012.htm"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.6"
},
{
"trust": 0.3,
"url": "/archive/1/482486"
},
{
"trust": 0.3,
"url": "/archive/1/469899"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk50467"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0662.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.ga15192@redhat.com%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2007-3304"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/499-1/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"db": "BID",
"id": "24215"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"date": "2007-05-29T00:00:00",
"db": "BID",
"id": "24215"
},
{
"date": "2007-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505"
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759"
},
{
"date": "2007-10-12T04:41:53",
"db": "PACKETSTORM",
"id": "60039"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2007-07-07T04:32:02",
"db": "PACKETSTORM",
"id": "57507"
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667"
},
{
"date": "2007-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"date": "2007-06-20T22:30:00",
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3304"
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24215"
},
{
"date": "2009-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000477"
},
{
"date": "2022-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-316"
},
{
"date": "2024-11-21T00:32:54.327000",
"db": "NVD",
"id": "CVE-2007-3304"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "57507"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of Prefork MPM Service disruption in modules (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000477"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-316"
}
],
"trust": 0.6
}
}
var-200609-1521
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- .
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1521",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
}
],
"trust": 4.32
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "BID",
"id": "20246",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200609-1521",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2024-10-18T01:10:55.761000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
var-201003-0281
Vulnerability from variot
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL versions 0.9.8f through 0.9.8m are vulnerable.
Affected versions depend on the C compiler used with OpenSSL:
- If 'short' is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m.
- Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m. If upgrading is not immediately possible, the source code patch provided in this advisory should be applied.
Bodo Moeller and Adam Langley (Google) have identified the vulnerability and prepared the fix.
Patch
--- ssl/s3_pkt.c 24 Jan 2010 13:52:38 -0000 1.57.2.9 +++ ssl/s3_pkt.c 24 Mar 2010 00:00:00 -0000 @@ -291,9 +291,9 @@ if (version != s->version) { SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - / Send back error using their - * version number :-) / - s->version=version; + if ((s->version & 0xFF00) == (version & 0xFF00)) + / Send back error using their minor version number :-) / + s->version = (unsigned short)version; al=SSL_AD_PROTOCOL_VERSION; goto f_err; }
References
This vulnerability is tracked as CVE-2010-0740.
URL for this Security Advisory: https://www.openssl.org/news/secadv_20100324.txt . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2011-0003 Synopsis: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Issue date: 2011-02-10 Updated on: 2011-02-10 (initial release of advisory) CVE numbers: --- Apache Tomcat --- CVE-2009-2693 CVE-2009-2901 CVE-2009-2902 CVE-2009-3548 CVE-2010-2227 CVE-2010-1157 --- Apache Tomcat Manager --- CVE-2010-2928 --- cURL --- CVE-2010-0734 --- COS Kernel --- CVE-2010-1084 CVE-2010-2066 CVE-2010-2070 CVE-2010-2226 CVE-2010-2248 CVE-2010-2521 CVE-2010-2524 CVE-2010-0008 CVE-2010-0415 CVE-2010-0437 CVE-2009-4308 CVE-2010-0003 CVE-2010-0007 CVE-2010-0307 CVE-2010-1086 CVE-2010-0410 CVE-2010-0730 CVE-2010-1085 CVE-2010-0291 CVE-2010-0622 CVE-2010-1087 CVE-2010-1173 CVE-2010-1437 CVE-2010-1088 CVE-2010-1187 CVE-2010-1436 CVE-2010-1641 CVE-2010-3081 --- Microsoft SQL Express --- CVE-2008-5416 CVE-2008-0085 CVE-2008-0086 CVE-2008-0107 CVE-2008-0106 --- OpenSSL --- CVE-2010-0740 CVE-2010-0433 CVE-2010-3864 CVE-2010-2939 --- Oracle (Sun) JRE --- CVE-2009-3555 CVE-2010-0082 CVE-2010-0084 CVE-2010-0085 CVE-2010-0087 CVE-2010-0088 CVE-2010-0089 CVE-2010-0090 CVE-2010-0091 CVE-2010-0092 CVE-2010-0093 CVE-2010-0094 CVE-2010-0095 CVE-2010-0837 CVE-2010-0838 CVE-2010-0839 CVE-2010-0840 CVE-2010-0841 CVE-2010-0842 CVE-2010-0843 CVE-2010-0844 CVE-2010-0845 CVE-2010-0846 CVE-2010-0847 CVE-2010-0848 CVE-2010-0849 CVE-2010-0850 CVE-2010-0886 CVE-2010-3556 CVE-2010-3566 CVE-2010-3567 CVE-2010-3550 CVE-2010-3561 CVE-2010-3573 CVE-2010-3565 CVE-2010-3568 CVE-2010-3569 CVE-2010-1321 CVE-2010-3548 CVE-2010-3551 CVE-2010-3562 CVE-2010-3571 CVE-2010-3554 CVE-2010-3559 CVE-2010-3572 CVE-2010-3553 CVE-2010-3549 CVE-2010-3557 CVE-2010-3541 CVE-2010-3574 --- pam_krb5 --- CVE-2008-3825 CVE-2009-1384
- Summary
Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues.
- Relevant releases
vCenter Server 4.1 without Update 1,
vCenter Update Manager 4.1 without Update 1,
ESXi 4.1 without patch ESXi410-201101201-SG,
ESX 4.1 without patch ESX410-201101201-SG.
- Problem Description
a. vCenter Server and vCenter Update Manager update Microsoft SQL Server 2005 Express Edition to Service Pack 3
Microsoft SQL Server 2005 Express Edition (SQL Express)
distributed with vCenter Server 4.1 Update 1 and vCenter Update
Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2
to SQL Express Service Pack 3, to address multiple security
issues that exist in the earlier releases of Microsoft SQL Express.
Customers using other database solutions need not update for
these issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086,
CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL
Express Service Pack 3.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows affected, no patch planned
Update Manager 4.1 Windows Update 1
Update Manager 4.0 Windows affected, patch pending
Update Manager 1.0 Windows affected, no patch planned
hosted * any any not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Hosted products are VMware Workstation, Player, ACE, Fusion.
b. vCenter Apache Tomcat Management Application Credential Disclosure
The Apache Tomcat Manager application configuration file contains
logon credentials that can be read by unprivileged local users.
The issue is resolved by removing the Manager application in
vCenter 4.1 Update 1.
If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon
credentials are not present in the configuration file after the
update.
VMware would like to thank Claudio Criscione of Secure Networking
for reporting this issue to us.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-2928 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows not affected
VirtualCenter 2.5 Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX any ESX not affected
- hosted products are VMware Workstation, Player, ACE, Fusion.
c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21
Oracle (Sun) JRE update to version 1.6.0_21, which addresses
multiple security issues that existed in earlier releases of
Oracle (Sun) JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082,
CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088,
CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092,
CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,
CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,
CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845,
CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849,
CVE-2010-0850.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following name to the security issue fixed in
Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows not applicable **
VirtualCenter 2.5 Windows not applicable **
Update Manager 4.1 Windows not applicable **
Update Manager 4.0 Windows not applicable **
Update Manager 1.0 Windows not applicable **
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX not applicable **
ESX 3.5 ESX not applicable **
ESX 3.0.3 ESX not applicable **
- hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.5.0 family
d. vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26
Oracle (Sun) JRE update to version 1.5.0_26, which addresses
multiple security issues that existed in earlier releases of
Oracle (Sun) JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566,
CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573,
CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555,
CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562,
CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572,
CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541,
CVE-2010-3574.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows not applicable **
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows affected, no patch planned
Update Manager 4.1 Windows Update 1
Update Manager 4.0 Windows affected, patch pending
Update Manager 1.0 Windows affected, no patch planned
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX not applicable **
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX affected, no patch planned
ESX 3.0.3 ESX affected, no patch planned
- hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Oracle (Sun) JRE 1.6.0 family
e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28
Apache Tomcat updated to version 6.0.28, which addresses multiple
security issues that existed in earlier releases of Apache Tomcat
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i
and CVE-2009-3548.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to the security issues fixed in
Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows not applicable **
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not applicable **
ESX 3.0.3 ESX not applicable **
- hosted products are VMware Workstation, Player, ACE, Fusion. ** this product uses the Apache Tomcat 5.5 family
f. vCenter Server third party component OpenSSL updated to version 0.9.8n
The version of the OpenSSL library in vCenter Server is updated to
0.9.8n.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0740 and CVE-2010-0433 to the
issues addressed in this version of OpenSSL.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter 4.1 Windows Update 1
vCenter 4.0 Windows affected, patch pending
VirtualCenter 2.5 Windows affected, no patch planned
hosted * any any not applicable
ESXi any ESXi not applicable
ESX any ESX not applicable
- hosted products are VMware Workstation, Player, ACE, Fusion.
g. ESX third party component OpenSSL updated to version 0.9.8p
The version of the ESX OpenSSL library is updated to 0.9.8p.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-3864 and CVE-2010-2939 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not applicable
hosted * any any not applicable
ESXi 4.1 ESXi ESXi410-201101201-SG
ESXi 4.0 ESXi affected, patch pending
ESXi 3.5 ESXi affected, patch pending
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
- hosted products are VMware Workstation, Player, ACE, Fusion.
h. ESXi third party component cURL updated
The version of cURL library in ESXi is updated.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-0734 to the issues addressed in
this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi 4.1 ESXi ESXi410-201101201-SG
ESXi 4.0 ESXi affected, patch pending
ESXi 3.5 ESXi affected, patch pending
ESX any ESX not applicable
- hosted products are VMware Workstation, Player, ACE, Fusion.
i. ESX third party component pam_krb5 updated
The version of pam_krb5 library is updated.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-3825 and CVE-2009-1384 to the
issues addressed in the update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
- hosted products are VMware Workstation, Player, ACE, Fusion.
j. ESX third party update for Service Console kernel
The Service Console kernel is updated to include kernel version
2.6.18-194.11.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070,
CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524,
CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308,
CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086,
CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291,
CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437,
CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and
CVE-2010-3081 to the issues addressed in the update.
Note: This update also addresses the 64-bit compatibility mode
stack pointer underflow issue identified by CVE-2010-3081. This
issue was patched in an ESX 4.1 patch prior to the release of
ESX 4.1 Update 1.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201101201-SG
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
-
hosted products are VMware Workstation, Player, ACE, Fusion.
-
Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware vCenter Server 4.1 Update 1 and modules
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes: http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html
File type: .iso md5sum: 729cf247aa5d33ceec431c86377eee1a sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0
File type: .zip md5sum: fd1441bef48a153f2807f6823790e2f0 sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19
VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4
ESXi 4.1 Installable Update 1
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes:
http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html http://kb.vmware.com/kb/1027919
File type: .iso MD5SUM: d68d6c2e040a87cd04cd18c04c22c998 SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64
ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1) File type: .zip MD5SUM: 2f1e009c046b20042fae3b7ca42a840f SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1
ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0) File type: .zip MD5SUM: 67b924618d196dafaf268a7691bd1a0f SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516
ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5) File type: .zip MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4 SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488
VMware Tools CD image for Linux Guest OSes File type: .iso MD5SUM: dad66fa8ece1dd121c302f45444daa70 SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af
VMware vSphere Client File type: .exe MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4
ESXi Installable Update 1 contains the following security bulletins: ESXi410-201101201-SG.
ESX 4.1 Update 1
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0 Release Notes:
http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html http://kb.vmware.com/kb/1029353
ESX 4.1 Update 1 (DVD ISO) File type: .iso md5sum: b9a275b419a20c7bedf31c0bf64f504e sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11
ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1) File type: .zip md5sum: 2d81a87e994aa2b329036f11d90b4c14 sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798
Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1 File type: .zip md5sum: 75f8cebfd55d8a81deb57c27def963c2 sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2
ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0) File type: .zip md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2 sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922
VMware Tools CD image for Linux Guest OSes File type: .iso md5sum: dad66fa8ece1dd121c302f45444daa70 sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af
VMware vSphere Client File type: .exe md5sum: cb6aa91ada1289575355d79e8c2a9f8e sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4
ESX410-Update01 contains the following security bulletins: ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL, Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904 ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330
ESX410-Update01 also contains the following non-security bulletins ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG, ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG, ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG, ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG, ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG, ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG.
To install an individual bulletin use esxupdate with the -b option.
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574
- Change log
2011-02-10 VMSA-2011-0003 Initial security advisory in conjunction with the release of vCenter Server 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1 Update 1, and ESX 4.1 Update 1 on 2011-02-10.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2011 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9 dxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX =2pVj -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-01
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 09, 2011 Bugs: #303739, #308011, #322575, #332027, #345767, #347623, #354139, #382069 ID: 201110-01
Synopsis
Multiple vulnerabilities were found in OpenSSL, allowing for the execution of arbitrary code and other attacks.
Background
OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.0e >= 1.0.0e
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.
Impact
A context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0e"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues.
References
[ 1 ] CVE-2009-3245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245 [ 2 ] CVE-2009-4355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355 [ 3 ] CVE-2010-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433 [ 4 ] CVE-2010-0740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740 [ 5 ] CVE-2010-0742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742 [ 6 ] CVE-2010-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633 [ 7 ] CVE-2010-2939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939 [ 8 ] CVE-2010-3864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864 [ 9 ] CVE-2010-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180 [ 10 ] CVE-2010-4252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252 [ 11 ] CVE-2011-0014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014 [ 12 ] CVE-2011-3207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207 [ 13 ] CVE-2011-3210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201110-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433
Updated Packages:
Mandriva Linux 2008.0: 6779a4a1db26d264e8245d5a2e03b8e2 2008.0/i586/libopenssl0.9.8-0.9.8e-8.6mdv2008.0.i586.rpm 32d0879c08e77ec6ee2bf3401e342ab5 2008.0/i586/libopenssl0.9.8-devel-0.9.8e-8.6mdv2008.0.i586.rpm f96338b09159511eb17480a3a398cdf4 2008.0/i586/libopenssl0.9.8-static-devel-0.9.8e-8.6mdv2008.0.i586.rpm 3b314cadba52af9c6ef20807fa6a7e40 2008.0/i586/openssl-0.9.8e-8.6mdv2008.0.i586.rpm 5781d06f2bc45312c89d5578b3d4426e 2008.0/SRPMS/openssl-0.9.8e-8.6mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 18a2f6b7bc42e89172e199e2c9d9cbd7 2008.0/x86_64/lib64openssl0.9.8-0.9.8e-8.6mdv2008.0.x86_64.rpm adbcfd94636bf43eca84d56b000f1bf9 2008.0/x86_64/lib64openssl0.9.8-devel-0.9.8e-8.6mdv2008.0.x86_64.rpm 78a4ae2c93221b31e75ff44f01cc963e 2008.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8e-8.6mdv2008.0.x86_64.rpm cf642101a500d21a1b0d560c94f6c33b 2008.0/x86_64/openssl-0.9.8e-8.6mdv2008.0.x86_64.rpm 5781d06f2bc45312c89d5578b3d4426e 2008.0/SRPMS/openssl-0.9.8e-8.6mdv2008.0.src.rpm
Mandriva Linux 2009.1: 2179a8dcd20d37f14ee8830af0b19f18 2009.1/i586/libopenssl0.9.8-0.9.8k-1.5mdv2009.1.i586.rpm 2fa14647d3a714b59fcc96893b872d89 2009.1/i586/libopenssl0.9.8-devel-0.9.8k-1.5mdv2009.1.i586.rpm 3456989c6989346efcf82a2ac744b860 2009.1/i586/libopenssl0.9.8-static-devel-0.9.8k-1.5mdv2009.1.i586.rpm ea0d9271dff872444a5104edb5a35782 2009.1/i586/openssl-0.9.8k-1.5mdv2009.1.i586.rpm 9606d6dd9ef55a4e36585031819ff68a 2009.1/SRPMS/openssl-0.9.8k-1.5mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: 48b2c896f7f5a78da411c3f952641a7c 2009.1/x86_64/lib64openssl0.9.8-0.9.8k-1.5mdv2009.1.x86_64.rpm f2243e30cf19af90a5d318a9b58f7166 2009.1/x86_64/lib64openssl0.9.8-devel-0.9.8k-1.5mdv2009.1.x86_64.rpm eb21df80599178f9e0801f56ea53c596 2009.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-1.5mdv2009.1.x86_64.rpm 7623f6957ce025df671f26da48b43a8c 2009.1/x86_64/openssl-0.9.8k-1.5mdv2009.1.x86_64.rpm 9606d6dd9ef55a4e36585031819ff68a 2009.1/SRPMS/openssl-0.9.8k-1.5mdv2009.1.src.rpm
Mandriva Linux 2010.0: bf40dda29eab76aed02a1d7cb0c6b7b0 2010.0/i586/libopenssl0.9.8-0.9.8k-5.2mdv2010.0.i586.rpm 88f7e61fb1a73b6785eb7dd619b4ba26 2010.0/i586/libopenssl0.9.8-devel-0.9.8k-5.2mdv2010.0.i586.rpm 43c3513218c3a1f9b92e6de050905511 2010.0/i586/libopenssl0.9.8-static-devel-0.9.8k-5.2mdv2010.0.i586.rpm a8301e1c6f5f770673e3b5aa78def152 2010.0/i586/openssl-0.9.8k-5.2mdv2010.0.i586.rpm d34a969c322305ba7c2bf42c464e655b 2010.0/SRPMS/openssl-0.9.8k-5.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: bd1bad7a46c995dd70390db3d3f54d9b 2010.0/x86_64/lib64openssl0.9.8-0.9.8k-5.2mdv2010.0.x86_64.rpm c402e4d826ff811ed12e51348433043d 2010.0/x86_64/lib64openssl0.9.8-devel-0.9.8k-5.2mdv2010.0.x86_64.rpm 11bc52f64e3149750039441e0953c1ac 2010.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-5.2mdv2010.0.x86_64.rpm a312e7b5c36582656783e287e4fbf8b2 2010.0/x86_64/openssl-0.9.8k-5.2mdv2010.0.x86_64.rpm d34a969c322305ba7c2bf42c464e655b 2010.0/SRPMS/openssl-0.9.8k-5.2mdv2010.0.src.rpm
Corporate 4.0: 838799e95a4b8ddbad162e3d85826cb3 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.12.20060mlcs4.i586.rpm fa537398af95ed3d4d2bf0458d6968e7 corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.12.20060mlcs4.i586.rpm 44095aa5ee43e81861066b7be51f26e0 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.12.20060mlcs4.i586.rpm 311d0ffc5d5c066e78444899796d9a04 corporate/4.0/i586/openssl-0.9.7g-2.12.20060mlcs4.i586.rpm ffcbb14a29c554d271b34a07ba8c6760 corporate/4.0/SRPMS/openssl-0.9.7g-2.12.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 36a4b10bb78a32c87eacb51bb898ce74 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.12.20060mlcs4.x86_64.rpm 97bc349e00703ec30ed4bc92ed1c8ad3 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.12.20060mlcs4.x86_64.rpm c5ad86569b033f43117c190d4843cb62 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.12.20060mlcs4.x86_64.rpm 7323557da4375c9e28f0fc6ffe3c9681 corporate/4.0/x86_64/openssl-0.9.7g-2.12.20060mlcs4.x86_64.rpm ffcbb14a29c554d271b34a07ba8c6760 corporate/4.0/SRPMS/openssl-0.9.7g-2.12.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 5397afaa4dd55a61a69c7a613b4a04d0 mes5/i586/libopenssl0.9.8-0.9.8h-3.7mdvmes5.1.i586.rpm 672b31b0932445ab920d98674b39568e mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdvmes5.1.i586.rpm bd4315ba38456187e89a3608f9a81449 mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdvmes5.1.i586.rpm 97c3e766752633e2dc3fb4e8808d94a2 mes5/i586/openssl-0.9.8h-3.7mdvmes5.1.i586.rpm 3fa202efa10e5a1758296c38d550e3c9 mes5/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm
Mandriva Enterprise Server 5/X86_64: eff1bf6b250becc30db24dd090677cdc mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdvmes5.1.x86_64.rpm a516bcfc84c4d725f9123aba88f2f433 mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdvmes5.1.x86_64.rpm 82bc5fb4ce477538a44d934ad20d0a76 mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdvmes5.1.x86_64.rpm 1423afe3a03dc74af39c81a5ea8382ba mes5/x86_64/openssl-0.9.8h-3.7mdvmes5.1.x86_64.rpm 3fa202efa10e5a1758296c38d550e3c9 mes5/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm
Multi Network Firewall 2.0: dc0699f12403b68e03714fbf196c1a61 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.13.C30mdk.i586.rpm 300487b72c03dc789393b1d031b0f79f mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.13.C30mdk.i586.rpm a7153e4b9c5b0b3710307ec9366bc7c6 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.13.C30mdk.i586.rpm 51f0b04c0a6ceb1008c017ff5c9e708e mnf/2.0/i586/openssl-0.9.7c-3.13.C30mdk.i586.rpm 4fbf3a9a35931cc30fdda10ce7d1d911 mnf/2.0/SRPMS/openssl-0.9.7c-3.13.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLybd5mqjQ0CJFipgRAoogAKDhb8KNEsbPJbLGW/HkRJtwmigdlACeLosx AivcTVPvxGwS+9NxLS8bfeA= =M7MB -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02079216 Version: 1
HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-04-13 Last Updated: 2010-04-13
Potential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS). HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-3245 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2009-4355 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided upgrades to resolve these vulnerabilities. The upgrades are available from the following location.
Host / Account / Password
ftp.usa.hp.com / sb02517 / Secure12
HP-UX Release / Depot Name / SHA-1 digest
B.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot / 2FE85DEE859C93F9D02A69666A455E9A7442DC5D
B.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot / 69F9AEE88F89C53FFE6794822F6A843F312384CD
B.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot / 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08n or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.001 or subsequent
HP-UX B.11.23
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.002 or subsequent
HP-UX B.11.31
openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.003 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 13 April 2010 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Apache-based Web Server is contained in the Apache Web Server Suite. The upgrades are available from the following location:
URL http://software.hp.com
Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15
Web Server Suite Version / HP-UX Release / Depot name
Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot
Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot
Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot
Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot
Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot
Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot
Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot
MANUAL ACTIONS: Yes - Update
Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201003-0281",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8i"
},
{
"model": "vcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "4.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "virtualcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "vcenter",
"scope": "eq",
"trust": 1.1,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8f to 0.9.8m"
},
{
"model": "ace",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "esx",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "esxi",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "fusion",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "player",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "opensolaris build snv 134",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "2.6"
},
{
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.2.3.1"
},
{
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.52"
},
{
"model": "project openssl 0.9.8n",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensolaris build snv 131",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "opensolaris build snv 126",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "opensolaris build snv 125",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "vcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.01"
},
{
"model": "circle",
"scope": "ne",
"trust": 0.3,
"vendor": "voodoo",
"version": "1.1.40"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "opensolaris build snv 133",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 129",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.7"
},
{
"model": "coat systems blue coat reporter",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "9.2.4.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.55"
},
{
"model": "big-ip protocol security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "opensolaris build snv 130",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "bigip global traffic manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.6"
},
{
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.51"
},
{
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "opensolaris build snv 124",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bigip edge",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "opensolaris build snv 123",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "setup and configuration service",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "5.0"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "9.1.5.1"
},
{
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 128",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "arx",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "5.1.5"
},
{
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "setup and configuration service",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "circle xtelnet",
"scope": "eq",
"trust": 0.3,
"vendor": "voodoo",
"version": "0.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "virtualcenter 2.5.update build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "31"
},
{
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bigip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "3.0"
},
{
"model": "opensolaris build snv 132",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "active management technology sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "6.0"
},
{
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "vcenter update",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "4.11"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.3.1"
},
{
"model": "circle",
"scope": "eq",
"trust": 0.3,
"vendor": "voodoo",
"version": "1.1.39"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "4.5"
},
{
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.56"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "circle xtelnet",
"scope": "ne",
"trust": 0.3,
"vendor": "voodoo",
"version": "0.4.6"
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "active management technology sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "5.0"
},
{
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "coat systems blue coat reporter",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "8.3.7.1"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "opensolaris build snv 122",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 74",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 136",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "big-ip wan optimization module",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "virtualcenter update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.54"
},
{
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 137",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 127",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 135",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
}
],
"sources": [
{
"db": "BID",
"id": "39013"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:ibm:aix",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:ace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esxi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:vcenter",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:virtualcenter",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bodo Moeller and Adam Langley",
"sources": [
{
"db": "BID",
"id": "39013"
}
],
"trust": 0.3
},
"cve": "CVE-2010-0740",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2010-0740",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0740",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-0740",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201003-393",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-0740",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \nOpenSSL versions 0.9.8f through 0.9.8m are vulnerable. \n\nAffected versions depend on the C compiler used with OpenSSL:\n\n- If \u0027short\u0027 is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m. \n- Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m. If upgrading is not immediately possible, the\nsource code patch provided in this advisory should be applied. \n\nBodo Moeller and Adam Langley (Google) have identified the vulnerability\nand prepared the fix. \n\n\nPatch\n-----\n\n--- ssl/s3_pkt.c\t24 Jan 2010 13:52:38 -0000\t1.57.2.9\n+++ ssl/s3_pkt.c\t24 Mar 2010 00:00:00 -0000\n@@ -291,9 +291,9 @@\n \t\t\tif (version != s-\u003eversion)\n \t\t\t\t{\n \t\t\t\tSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);\n-\t\t\t\t/* Send back error using their\n-\t\t\t\t * version number :-) */\n-\t\t\t\ts-\u003eversion=version;\n+ if ((s-\u003eversion \u0026 0xFF00) == (version \u0026 0xFF00))\n+ \t/* Send back error using their minor version number :-) */\n+\t\t\t\t\ts-\u003eversion = (unsigned short)version;\n \t\t\t\tal=SSL_AD_PROTOCOL_VERSION;\n \t\t\t\tgoto f_err;\n \t\t\t\t}\n\n\nReferences\n----------\n\nThis vulnerability is tracked as CVE-2010-0740. \n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20100324.txt\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2011-0003\nSynopsis: Third party component updates for VMware vCenter\n Server, vCenter Update Manager, ESXi and ESX\nIssue date: 2011-02-10\nUpdated on: 2011-02-10 (initial release of advisory)\nCVE numbers: --- Apache Tomcat ---\n CVE-2009-2693 CVE-2009-2901 CVE-2009-2902\n CVE-2009-3548 CVE-2010-2227 CVE-2010-1157\n --- Apache Tomcat Manager ---\n CVE-2010-2928\n --- cURL ---\n CVE-2010-0734\n --- COS Kernel ---\n CVE-2010-1084 CVE-2010-2066 CVE-2010-2070\n CVE-2010-2226 CVE-2010-2248 CVE-2010-2521\n CVE-2010-2524 CVE-2010-0008 CVE-2010-0415\n CVE-2010-0437 CVE-2009-4308 CVE-2010-0003\n CVE-2010-0007 CVE-2010-0307 CVE-2010-1086\n CVE-2010-0410 CVE-2010-0730 CVE-2010-1085\n CVE-2010-0291 CVE-2010-0622 CVE-2010-1087\n CVE-2010-1173 CVE-2010-1437 CVE-2010-1088\n CVE-2010-1187 CVE-2010-1436 CVE-2010-1641\n CVE-2010-3081\n --- Microsoft SQL Express ---\n CVE-2008-5416 CVE-2008-0085 CVE-2008-0086\n CVE-2008-0107 CVE-2008-0106\n --- OpenSSL ---\n CVE-2010-0740 CVE-2010-0433\n CVE-2010-3864 CVE-2010-2939\n --- Oracle (Sun) JRE ---\n CVE-2009-3555 CVE-2010-0082 CVE-2010-0084\n CVE-2010-0085 CVE-2010-0087 CVE-2010-0088\n CVE-2010-0089 CVE-2010-0090 CVE-2010-0091\n CVE-2010-0092 CVE-2010-0093 CVE-2010-0094\n CVE-2010-0095 CVE-2010-0837 CVE-2010-0838\n CVE-2010-0839 CVE-2010-0840 CVE-2010-0841\n CVE-2010-0842 CVE-2010-0843 CVE-2010-0844\n CVE-2010-0845 CVE-2010-0846 CVE-2010-0847\n CVE-2010-0848 CVE-2010-0849 CVE-2010-0850\n CVE-2010-0886 CVE-2010-3556 CVE-2010-3566\n CVE-2010-3567 CVE-2010-3550 CVE-2010-3561\n CVE-2010-3573 CVE-2010-3565 CVE-2010-3568\n CVE-2010-3569 CVE-2010-1321 CVE-2010-3548\n CVE-2010-3551 CVE-2010-3562 CVE-2010-3571\n CVE-2010-3554 CVE-2010-3559 CVE-2010-3572\n CVE-2010-3553 CVE-2010-3549 CVE-2010-3557\n CVE-2010-3541 CVE-2010-3574\n --- pam_krb5 ---\n CVE-2008-3825 CVE-2009-1384\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere\n Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues. \n\n\n2. Relevant releases\n\n vCenter Server 4.1 without Update 1,\n\n vCenter Update Manager 4.1 without Update 1,\n\n ESXi 4.1 without patch ESXi410-201101201-SG,\n\n ESX 4.1 without patch ESX410-201101201-SG. \n\n\n3. Problem Description\n\n a. vCenter Server and vCenter Update Manager update Microsoft\n SQL Server 2005 Express Edition to Service Pack 3\n\n Microsoft SQL Server 2005 Express Edition (SQL Express)\n distributed with vCenter Server 4.1 Update 1 and vCenter Update\n Manager 4.1 Update 1 is upgraded from SQL Express Service Pack 2\n to SQL Express Service Pack 3, to address multiple security\n issues that exist in the earlier releases of Microsoft SQL Express. \n\n Customers using other database solutions need not update for\n these issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-5416, CVE-2008-0085, CVE-2008-0086,\n CVE-2008-0107 and CVE-2008-0106 to the issues addressed in MS SQL\n Express Service Pack 3. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows affected, no patch planned\n\n Update Manager 4.1 Windows Update 1\n Update Manager 4.0 Windows affected, patch pending\n Update Manager 1.0 Windows affected, no patch planned\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Hosted products are VMware Workstation, Player, ACE, Fusion. \n\n b. vCenter Apache Tomcat Management Application Credential Disclosure\n\n The Apache Tomcat Manager application configuration file contains\n logon credentials that can be read by unprivileged local users. \n\n The issue is resolved by removing the Manager application in\n vCenter 4.1 Update 1. \n\n If vCenter 4.1 is updated to vCenter 4.1 Update 1 the logon\n credentials are not present in the configuration file after the\n update. \n\n VMware would like to thank Claudio Criscione of Secure Networking\n for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-2928 to this issue. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows not affected\n VirtualCenter 2.5 Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n c. vCenter Server and ESX, Oracle (Sun) JRE is updated to version\n 1.6.0_21\n\n Oracle (Sun) JRE update to version 1.6.0_21, which addresses\n multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Oracle (Sun) JRE 1.6.0_19: CVE-2009-3555, CVE-2010-0082,\n CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088,\n CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092,\n CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837,\n CVE-2010-0838, CVE-2010-0839, CVE-2010-0840, CVE-2010-0841,\n CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0845,\n CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849,\n CVE-2010-0850. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following name to the security issue fixed in\n Oracle (Sun) JRE 1.6.0_20: CVE-2010-0886. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows not applicable **\n VirtualCenter 2.5 Windows not applicable **\n\n Update Manager 4.1 Windows not applicable **\n Update Manager 4.0 Windows not applicable **\n Update Manager 1.0 Windows not applicable **\n\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX not applicable **\n ESX 3.5 ESX not applicable **\n ESX 3.0.3 ESX not applicable **\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n ** this product uses the Oracle (Sun) JRE 1.5.0 family\n\nd. vCenter Update Manager Oracle (Sun) JRE is updated to version\n 1.5.0_26\n\n Oracle (Sun) JRE update to version 1.5.0_26, which addresses\n multiple security issues that existed in earlier releases of\n Oracle (Sun) JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Oracle (Sun) JRE 1.5.0_26: CVE-2010-3556, CVE-2010-3566,\n CVE-2010-3567, CVE-2010-3550, CVE-2010-3561, CVE-2010-3573,\n CVE-2010-3565,CVE-2010-3568, CVE-2010-3569, CVE-2009-3555,\n CVE-2010-1321, CVE-2010-3548, CVE-2010-3551, CVE-2010-3562,\n CVE-2010-3571, CVE-2010-3554, CVE-2010-3559, CVE-2010-3572,\n CVE-2010-3553, CVE-2010-3549, CVE-2010-3557, CVE-2010-3541,\n CVE-2010-3574. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows not applicable **\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows affected, no patch planned\n\n Update Manager 4.1 Windows Update 1\n Update Manager 4.0 Windows affected, patch pending\n Update Manager 1.0 Windows affected, no patch planned\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX not applicable **\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX affected, no patch planned\n ESX 3.0.3 ESX affected, no patch planned\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n ** this product uses the Oracle (Sun) JRE 1.6.0 family\n\n e. vCenter Server and ESX Apache Tomcat updated to version 6.0.28\n\n Apache Tomcat updated to version 6.0.28, which addresses multiple\n security issues that existed in earlier releases of Apache Tomcat\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.24: CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,i\n and CVE-2009-3548. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the following names to the security issues fixed in\n Apache Tomcat 6.0.28: CVE-2010-2227, CVE-2010-1157. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows not applicable **\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not applicable **\n ESX 3.0.3 ESX not applicable **\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n ** this product uses the Apache Tomcat 5.5 family\n\n f. vCenter Server third party component OpenSSL updated to version\n 0.9.8n\n\n The version of the OpenSSL library in vCenter Server is updated to\n 0.9.8n. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0740 and CVE-2010-0433 to the\n issues addressed in this version of OpenSSL. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter 4.1 Windows Update 1\n vCenter 4.0 Windows affected, patch pending\n VirtualCenter 2.5 Windows affected, no patch planned\n\n hosted * any any not applicable\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n g. ESX third party component OpenSSL updated to version 0.9.8p\n\n The version of the ESX OpenSSL library is updated to 0.9.8p. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-3864 and CVE-2010-2939 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not applicable\n\n hosted * any any not applicable\n ESXi 4.1 ESXi ESXi410-201101201-SG\n ESXi 4.0 ESXi affected, patch pending\n ESXi 3.5 ESXi affected, patch pending\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n h. ESXi third party component cURL updated\n\n The version of cURL library in ESXi is updated. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-0734 to the issues addressed in\n this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 4.1 ESXi ESXi410-201101201-SG\n ESXi 4.0 ESXi affected, patch pending\n ESXi 3.5 ESXi affected, patch pending\n\n ESX any ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n i. ESX third party component pam_krb5 updated\n\n The version of pam_krb5 library is updated. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2008-3825 and CVE-2009-1384 to the\n issues addressed in the update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n j. ESX third party update for Service Console kernel\n\n The Service Console kernel is updated to include kernel version\n 2.6.18-194.11.1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1084, CVE-2010-2066, CVE-2010-2070,\n CVE-2010-2226, CVE-2010-2248, CVE-2010-2521, CVE-2010-2524,\n CVE-2010-0008, CVE-2010-0415, CVE-2010-0437, CVE-2009-4308,\n CVE-2010-0003, CVE-2010-0007, CVE-2010-0307, CVE-2010-1086,\n CVE-2010-0410, CVE-2010-0730, CVE-2010-1085, CVE-2010-0291,\n CVE-2010-0622, CVE-2010-1087, CVE-2010-1173, CVE-2010-1437,\n CVE-2010-1088, CVE-2010-1187, CVE-2010-1436, CVE-2010-1641, and\n CVE-2010-3081 to the issues addressed in the update. \n\n Note: This update also addresses the 64-bit compatibility mode\n stack pointer underflow issue identified by CVE-2010-3081. This\n issue was patched in an ESX 4.1 patch prior to the release of\n ESX 4.1 Update 1. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201101201-SG\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not applicable\n ESX 3.0.3 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the checksum of your downloaded file. \n\n VMware vCenter Server 4.1 Update 1 and modules\n ----------------------------------------------\n\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0\n Release Notes:\n http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html\n\n File type: .iso\n md5sum: 729cf247aa5d33ceec431c86377eee1a\n sha1sum: c1e10a5fcbc1ae9d13348d43541d574c563d66f0\n\n File type: .zip\n md5sum: fd1441bef48a153f2807f6823790e2f0\n sha1sum: 31737a816ed1c08ab3a505fb6db2483f49ad7c19\n\n VMware vSphere Client\n File type: .exe\n md5sum: cb6aa91ada1289575355d79e8c2a9f8e\n sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\n\n ESXi 4.1 Installable Update 1\n -----------------------------\n\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0\n Release Notes:\n\nhttp://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html\n http://kb.vmware.com/kb/1027919\n\n File type: .iso\n MD5SUM: d68d6c2e040a87cd04cd18c04c22c998\n SHA1SUM: bbaacc0d34503822c14f6ccfefb6a5b62d18ae64\n\n ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.1)\n File type: .zip\n MD5SUM: 2f1e009c046b20042fae3b7ca42a840f\n SHA1SUM: 1c9c644012dec657a705ddd3d033cbfb87a1fab1\n\n ESXi 4.1 Update 1 (upgrade ZIP from ESXi 4.0)\n File type: .zip\n MD5SUM: 67b924618d196dafaf268a7691bd1a0f\n SHA1SUM: 9d74b639e703259d9e49c0341158e0d4e45de516 \t\n\n ESXi 4.1 Update 1 (upgrade ZIP from ESXi 3.5)\n File type: .zip\n MD5SUM: a6024b9f6c6b7b2c629696afc6d07cf4\n SHA1SUM: b3841de1a30617ac68d5a861882aa72de3a93488 \t\n\n VMware Tools CD image for Linux Guest OSes\n File type: .iso\n MD5SUM: dad66fa8ece1dd121c302f45444daa70\n SHA1SUM: 56535a2cfa7799607356c6fd0a7d9f041da614af \t\n\n VMware vSphere Client\n File type: .exe\n MD5SUM: cb6aa91ada1289575355d79e8c2a9f8e\n SHA1SUM: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\n\n ESXi Installable Update 1 contains the following security bulletins:\n ESXi410-201101201-SG. \n\n ESX 4.1 Update 1\n ----------------\n\nhttp://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0\n Release Notes:\n\nhttp://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html\n http://kb.vmware.com/kb/1029353\n\n ESX 4.1 Update 1 (DVD ISO)\n File type: .iso\n md5sum: b9a275b419a20c7bedf31c0bf64f504e\n sha1sum: 2d85edcaca8218013585e1eab00bc80db6d96e11 \t\n\n ESX 4.1 Update 1 (upgrade ZIP from ESX 4.1)\n File type: .zip\n md5sum: 2d81a87e994aa2b329036f11d90b4c14\n sha1sum: c2bfc0cf7ac03d24afd5049ddbd09a865aad1798 \t\n\n Pre-upgrade package for ESX 4.0 to ESX 4.1 Update 1\n File type: .zip\n md5sum: 75f8cebfd55d8a81deb57c27def963c2\n sha1sum: 889c15aa8008fe0e29439d0ab3468c2beb1c4fe2 \t\n\n ESX 4.1 Update 1 (upgrade ZIP from ESX 4.0)\n File type: .zip\n md5sum: 1dc9035cd10e7e60d27e7a7aef57b4c2\n sha1sum: e6d3fb65d83a3e263d0f634a3572025854ff8922 \t\n\n VMware Tools CD image for Linux Guest OSes\n File type: .iso\n md5sum: dad66fa8ece1dd121c302f45444daa70\n sha1sum: 56535a2cfa7799607356c6fd0a7d9f041da614af \t\n\n VMware vSphere Client\n File type: .exe\n md5sum: cb6aa91ada1289575355d79e8c2a9f8e\n sha1sum: f9e3d8eb83196ae7c31aab554e344a46b722b1e4\n\n ESX410-Update01 contains the following security bulletins:\n ESX410-201101201-SG (COS kernel, pam_krb5, cURL, OpenSSL,\n Apache Tomcat, Oracle (Sun) JRE) | http://kb.vmware.com/kb/1027904\n ESX410-201101226-SG (glibc) | http://kb.vmware.com/kb/1031330\n\n ESX410-Update01 also contains the following non-security bulletins\n ESX410-201101211-UG, ESX410-201101213-UG, ESX410-201101215-UG,\n ESX410-201101202-UG, ESX410-201101203-UG, ESX410-201101204-UG,\n ESX410-201101206-UG, ESX410-201101207-UG, ESX410-201101208-UG,\n ESX410-201101214-UG, ESX410-201101216-UG, ESX410-201101217-UG,\n ESX410-201101218-UG, ESX410-201101219-UG, ESX410-201101220-UG,\n ESX410-201101221-UG, ESX410-201101222-UG, ESX410-201101225-UG. \n\n To install an individual bulletin use esxupdate with the -b option. \n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5416\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0085\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0086\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0107\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0106\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2928\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0082\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0084\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0085\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0087\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0088\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0089\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0090\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0091\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0092\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0093\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0837\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0838\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0839\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0840\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0841\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0842\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0843\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0844\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0845\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0846\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0848\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0849\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0850\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0886\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0734\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3825\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1384\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1084\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2066\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2070\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2226\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2248\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2521\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2524\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0008\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0437\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4308\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0003\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0007\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0307\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1086\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0410\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0730\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1085\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0291\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0622\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1087\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1437\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1088\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1187\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1436\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1641\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3561\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3554\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3559\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2011-02-10 VMSA-2011-0003\nInitial security advisory in conjunction with the release of vCenter\nServer 4.1 Update 1, vCenter Update Manager 4.1 Update 1, ESXi 4.1\nUpdate 1, and ESX 4.1 Update 1 on 2011-02-10. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisories\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2011 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAk1U1eoACgkQS2KysvBH1xm3swCfeh4sWvPOubDT1K7QlRj3SjW9\ndxYAmwbNLMR9IG/rKZDYh9hqcf4IldCX\n=2pVj\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201110-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 09, 2011\n Bugs: #303739, #308011, #322575, #332027, #345767, #347623,\n #354139, #382069\n ID: 201110-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in OpenSSL, allowing for the\nexecution of arbitrary code and other attacks. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 1.0.0e \u003e= 1.0.0e\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA context-dependent attacker could cause a Denial of Service, possibly\nexecute arbitrary code, bypass intended key requirements, force the\ndowngrade to unintended ciphers, bypass the need for knowledge of\nshared secrets and successfully authenticate, bypass CRL validation, or\nobtain sensitive information in applications that use OpenSSL. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.0e\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since September 17, 2011. It is likely that your system is\nalready no longer affected by most of these issues. \n\nReferences\n==========\n\n[ 1 ] CVE-2009-3245\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245\n[ 2 ] CVE-2009-4355\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355\n[ 3 ] CVE-2010-0433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433\n[ 4 ] CVE-2010-0740\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740\n[ 5 ] CVE-2010-0742\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742\n[ 6 ] CVE-2010-1633\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633\n[ 7 ] CVE-2010-2939\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939\n[ 8 ] CVE-2010-3864\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864\n[ 9 ] CVE-2010-4180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180\n[ 10 ] CVE-2010-4252\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252\n[ 11 ] CVE-2011-0014\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014\n[ 12 ] CVE-2011-3207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207\n[ 13 ] CVE-2011-3210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. \n \n Packages for 2008.0 and 2009.0 are provided due to the Extended\n Maintenance Program for those products. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 6779a4a1db26d264e8245d5a2e03b8e2 2008.0/i586/libopenssl0.9.8-0.9.8e-8.6mdv2008.0.i586.rpm\n 32d0879c08e77ec6ee2bf3401e342ab5 2008.0/i586/libopenssl0.9.8-devel-0.9.8e-8.6mdv2008.0.i586.rpm\n f96338b09159511eb17480a3a398cdf4 2008.0/i586/libopenssl0.9.8-static-devel-0.9.8e-8.6mdv2008.0.i586.rpm\n 3b314cadba52af9c6ef20807fa6a7e40 2008.0/i586/openssl-0.9.8e-8.6mdv2008.0.i586.rpm \n 5781d06f2bc45312c89d5578b3d4426e 2008.0/SRPMS/openssl-0.9.8e-8.6mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 18a2f6b7bc42e89172e199e2c9d9cbd7 2008.0/x86_64/lib64openssl0.9.8-0.9.8e-8.6mdv2008.0.x86_64.rpm\n adbcfd94636bf43eca84d56b000f1bf9 2008.0/x86_64/lib64openssl0.9.8-devel-0.9.8e-8.6mdv2008.0.x86_64.rpm\n 78a4ae2c93221b31e75ff44f01cc963e 2008.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8e-8.6mdv2008.0.x86_64.rpm\n cf642101a500d21a1b0d560c94f6c33b 2008.0/x86_64/openssl-0.9.8e-8.6mdv2008.0.x86_64.rpm \n 5781d06f2bc45312c89d5578b3d4426e 2008.0/SRPMS/openssl-0.9.8e-8.6mdv2008.0.src.rpm\n\n Mandriva Linux 2009.1:\n 2179a8dcd20d37f14ee8830af0b19f18 2009.1/i586/libopenssl0.9.8-0.9.8k-1.5mdv2009.1.i586.rpm\n 2fa14647d3a714b59fcc96893b872d89 2009.1/i586/libopenssl0.9.8-devel-0.9.8k-1.5mdv2009.1.i586.rpm\n 3456989c6989346efcf82a2ac744b860 2009.1/i586/libopenssl0.9.8-static-devel-0.9.8k-1.5mdv2009.1.i586.rpm\n ea0d9271dff872444a5104edb5a35782 2009.1/i586/openssl-0.9.8k-1.5mdv2009.1.i586.rpm \n 9606d6dd9ef55a4e36585031819ff68a 2009.1/SRPMS/openssl-0.9.8k-1.5mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n 48b2c896f7f5a78da411c3f952641a7c 2009.1/x86_64/lib64openssl0.9.8-0.9.8k-1.5mdv2009.1.x86_64.rpm\n f2243e30cf19af90a5d318a9b58f7166 2009.1/x86_64/lib64openssl0.9.8-devel-0.9.8k-1.5mdv2009.1.x86_64.rpm\n eb21df80599178f9e0801f56ea53c596 2009.1/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-1.5mdv2009.1.x86_64.rpm\n 7623f6957ce025df671f26da48b43a8c 2009.1/x86_64/openssl-0.9.8k-1.5mdv2009.1.x86_64.rpm \n 9606d6dd9ef55a4e36585031819ff68a 2009.1/SRPMS/openssl-0.9.8k-1.5mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n bf40dda29eab76aed02a1d7cb0c6b7b0 2010.0/i586/libopenssl0.9.8-0.9.8k-5.2mdv2010.0.i586.rpm\n 88f7e61fb1a73b6785eb7dd619b4ba26 2010.0/i586/libopenssl0.9.8-devel-0.9.8k-5.2mdv2010.0.i586.rpm\n 43c3513218c3a1f9b92e6de050905511 2010.0/i586/libopenssl0.9.8-static-devel-0.9.8k-5.2mdv2010.0.i586.rpm\n a8301e1c6f5f770673e3b5aa78def152 2010.0/i586/openssl-0.9.8k-5.2mdv2010.0.i586.rpm \n d34a969c322305ba7c2bf42c464e655b 2010.0/SRPMS/openssl-0.9.8k-5.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n bd1bad7a46c995dd70390db3d3f54d9b 2010.0/x86_64/lib64openssl0.9.8-0.9.8k-5.2mdv2010.0.x86_64.rpm\n c402e4d826ff811ed12e51348433043d 2010.0/x86_64/lib64openssl0.9.8-devel-0.9.8k-5.2mdv2010.0.x86_64.rpm\n 11bc52f64e3149750039441e0953c1ac 2010.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8k-5.2mdv2010.0.x86_64.rpm\n a312e7b5c36582656783e287e4fbf8b2 2010.0/x86_64/openssl-0.9.8k-5.2mdv2010.0.x86_64.rpm \n d34a969c322305ba7c2bf42c464e655b 2010.0/SRPMS/openssl-0.9.8k-5.2mdv2010.0.src.rpm\n\n Corporate 4.0:\n 838799e95a4b8ddbad162e3d85826cb3 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.12.20060mlcs4.i586.rpm\n fa537398af95ed3d4d2bf0458d6968e7 corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.12.20060mlcs4.i586.rpm\n 44095aa5ee43e81861066b7be51f26e0 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.12.20060mlcs4.i586.rpm\n 311d0ffc5d5c066e78444899796d9a04 corporate/4.0/i586/openssl-0.9.7g-2.12.20060mlcs4.i586.rpm \n ffcbb14a29c554d271b34a07ba8c6760 corporate/4.0/SRPMS/openssl-0.9.7g-2.12.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 36a4b10bb78a32c87eacb51bb898ce74 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.12.20060mlcs4.x86_64.rpm\n 97bc349e00703ec30ed4bc92ed1c8ad3 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.12.20060mlcs4.x86_64.rpm\n c5ad86569b033f43117c190d4843cb62 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.12.20060mlcs4.x86_64.rpm\n 7323557da4375c9e28f0fc6ffe3c9681 corporate/4.0/x86_64/openssl-0.9.7g-2.12.20060mlcs4.x86_64.rpm \n ffcbb14a29c554d271b34a07ba8c6760 corporate/4.0/SRPMS/openssl-0.9.7g-2.12.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 5397afaa4dd55a61a69c7a613b4a04d0 mes5/i586/libopenssl0.9.8-0.9.8h-3.7mdvmes5.1.i586.rpm\n 672b31b0932445ab920d98674b39568e mes5/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdvmes5.1.i586.rpm\n bd4315ba38456187e89a3608f9a81449 mes5/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdvmes5.1.i586.rpm\n 97c3e766752633e2dc3fb4e8808d94a2 mes5/i586/openssl-0.9.8h-3.7mdvmes5.1.i586.rpm \n 3fa202efa10e5a1758296c38d550e3c9 mes5/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n eff1bf6b250becc30db24dd090677cdc mes5/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdvmes5.1.x86_64.rpm\n a516bcfc84c4d725f9123aba88f2f433 mes5/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdvmes5.1.x86_64.rpm\n 82bc5fb4ce477538a44d934ad20d0a76 mes5/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdvmes5.1.x86_64.rpm\n 1423afe3a03dc74af39c81a5ea8382ba mes5/x86_64/openssl-0.9.8h-3.7mdvmes5.1.x86_64.rpm \n 3fa202efa10e5a1758296c38d550e3c9 mes5/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\n\n Multi Network Firewall 2.0:\n dc0699f12403b68e03714fbf196c1a61 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.13.C30mdk.i586.rpm\n 300487b72c03dc789393b1d031b0f79f mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.13.C30mdk.i586.rpm\n a7153e4b9c5b0b3710307ec9366bc7c6 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.13.C30mdk.i586.rpm\n 51f0b04c0a6ceb1008c017ff5c9e708e mnf/2.0/i586/openssl-0.9.7c-3.13.C30mdk.i586.rpm \n 4fbf3a9a35931cc30fdda10ce7d1d911 mnf/2.0/SRPMS/openssl-0.9.7c-3.13.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLybd5mqjQ0CJFipgRAoogAKDhb8KNEsbPJbLGW/HkRJtwmigdlACeLosx\nAivcTVPvxGwS+9NxLS8bfeA=\n=M7MB\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02079216\nVersion: 1\n\nHPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-04-13\nLast Updated: 2010-04-13\n\nPotential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS). \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-3245 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\nCVE-2009-4355 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location. \n\nHost / Account / Password\n\nftp.usa.hp.com / sb02517 / Secure12\n\nHP-UX Release / Depot Name / SHA-1 digest\n\nB.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot /\n 2FE85DEE859C93F9D02A69666A455E9A7442DC5D\n\nB.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot /\n 69F9AEE88F89C53FFE6794822F6A843F312384CD\n\nB.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot /\n 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08n or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.001 or subsequent\n\nHP-UX B.11.23\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.002 or subsequent\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.003 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 13 April 2010 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Apache-based Web Server is contained in the Apache Web Server Suite. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09\nNote: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15\n\nWeb Server Suite Version / HP-UX Release / Depot name\n\nWeb Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot\n\nWeb Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot\n\nWeb Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot\n\nWeb Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot\n\nWeb Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot\n\nWeb Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot\n\nWeb Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0740"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=12334",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0740",
"trust": 3.4
},
{
"db": "VUPEN",
"id": "ADV-2010-0710",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023748",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-1216",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0933",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0839",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "42733",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "39932",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "42724",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "43311",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393",
"trust": 0.6
},
{
"db": "BID",
"id": "39013",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "12334",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-0740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169649",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98419",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105638",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88621",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88387",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90263",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"id": "VAR-201003-0281",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.44448256
},
"last_update_date": "2024-11-29T21:20:24.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4723",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4723"
},
{
"title": "HPSBUX02517",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02079216"
},
{
"title": "HPSBUX02531",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02160663"
},
{
"title": "5092",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=5092"
},
{
"title": "5101",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=5101"
},
{
"title": "secadv_20100324",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20100324.txt"
},
{
"title": "VMSA-2011-0003",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
},
{
"title": "openssl-0.9.8n",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=155"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2010-0740: openssl denial-of-service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=f6760a316bfc017e8e4b03c469542809"
},
{
"title": "Symantec Security Advisories: SA50 : Multiple SSL/TLS vulnerabilities in Reporter",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e934b8269c86666c1ebc108ca0e3d35"
},
{
"title": "VMware Security Advisories: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=ea953b0a91a1816979ec1d304d5e3d93"
},
{
"title": "deepdig",
"trust": 0.1,
"url": "https://github.com/cyberdeception/deepdig "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2010/0710"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1023748"
},
{
"trust": 2.0,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
},
{
"trust": 2.0,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa50"
},
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv_20100324.txt"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0839"
},
{
"trust": 1.7,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-april/038587.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/0933"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:076"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2010/1216"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/39932"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42733"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/42724"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/security/advisories/vmsa-2011-0003.html"
},
{
"trust": 1.7,
"url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
},
{
"trust": 1.7,
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000101.html"
},
{
"trust": 1.7,
"url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000102.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43311"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht4723"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11731"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0740"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu976710"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0740"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/cve_2010_0433_openssl_with"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata45.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata46.html"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata47.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org"
},
{
"trust": 0.3,
"url": "http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00024\u0026languageid=en-fr"
},
{
"trust": 0.3,
"url": "/archive/1/510726"
},
{
"trust": 0.3,
"url": "http://voodoo-circle.sourceforge.net/sa/sa-20100624-02.html"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/11000/500/sol11504.html"
},
{
"trust": 0.3,
"url": "https://support.f5.com/kb/en-us/solutions/public/11000/500/sol11533.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/news/secadv_20100324.txt"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3245"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0433"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4355"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20139"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/12334/"
},
{
"trust": 0.1,
"url": "https://github.com/cyberdeception/deepdig"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3556"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1086"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0730"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1088"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1027919"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2939"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/vsphere4/doc/vsp_esxi41_u1_rel_notes.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0307"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0092"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0093"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3548"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1031330"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3554"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3562"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0084"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0089"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3557"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3550"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1384"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3567"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0003"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0837"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3553"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0106"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0107"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2902"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2901"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/vsphere4/doc/vsp_esx41_u1_rel_notes.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0091"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0841"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0840"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0291"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2248"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0415"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3561"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3541"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3559"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3565"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1027904"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0093"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0842"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0082"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3574"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0886"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/datacenter_downloads/vmware_vsphere_4/4_0"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0734"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1157"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0094"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0007"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0850"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2524"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0839"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1087"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3825"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3573"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1084"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5416"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1384"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0008"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0088"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0849"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2070"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4308"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3549"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3548"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2693"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0007"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3568"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0084"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5416"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3864"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3825"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0410"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1321"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0092"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1437"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0003"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0094"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0847"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0082"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0437"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0844"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/pubs/vs_pages/vsp_pubs_esx41_vc41.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3548"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2066"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0089"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0087"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0087"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2693"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1029353"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0085"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0846"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2226"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1173"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0008"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1641"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0106"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0845"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0095"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1187"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2521"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2901"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3081"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3551"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0742"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4355"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3864"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2939"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1633"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0740"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201110-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3245"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0433"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0014"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4252"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3245"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://software.hp.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0408"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"db": "BID",
"id": "39013"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"db": "PACKETSTORM",
"id": "169649"
},
{
"db": "PACKETSTORM",
"id": "98419"
},
{
"db": "PACKETSTORM",
"id": "105638"
},
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "PACKETSTORM",
"id": "88387"
},
{
"db": "PACKETSTORM",
"id": "90263"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"date": "2010-03-24T00:00:00",
"db": "BID",
"id": "39013"
},
{
"date": "2010-04-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"date": "2010-03-24T12:12:12",
"db": "PACKETSTORM",
"id": "169649"
},
{
"date": "2011-02-11T13:13:00",
"db": "PACKETSTORM",
"id": "98419"
},
{
"date": "2011-10-09T16:42:00",
"db": "PACKETSTORM",
"id": "105638"
},
{
"date": "2010-04-19T20:27:54",
"db": "PACKETSTORM",
"id": "88621"
},
{
"date": "2010-04-15T22:26:05",
"db": "PACKETSTORM",
"id": "88387"
},
{
"date": "2010-06-04T04:25:14",
"db": "PACKETSTORM",
"id": "90263"
},
{
"date": "2010-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"date": "2010-03-26T18:30:00.467000",
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0740"
},
{
"date": "2015-04-13T22:05:00",
"db": "BID",
"id": "39013"
},
{
"date": "2011-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001227"
},
{
"date": "2023-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-393"
},
{
"date": "2024-11-21T01:12:51.857000",
"db": "NVD",
"id": "CVE-2010-0740"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "88621"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL of ssl3_get_record Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001227"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201003-393"
}
],
"trust": 0.6
}
}
var-200110-0292
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security/ http://www.openpkg.org openpkg-security@openpkg.org openpkg@openpkg.org OpenPKG-SA-2006.021 28-Sep-2006
Package: openssl Vulnerability: denial of service OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages: OpenPKG CURRENT <= openssl-0.9.8c-20060905 >= openssl-0.9.8d-20060928 OpenPKG 2-STABLE <= openssl-0.9.8c-2.20060906 >= openssl-0.9.8d-2.20060928 OpenPKG 2.5-RELEASE <= openssl-0.9.8a-2.5.2 >= openssl-0.9.8a-2.5.3
Description: According to a vendor security advisory [0], four security issues were discovered in the cryptography and SSL/TLS toolkit OpenSSL [1]:
-
This can result in an infinite loop which consumes system memory. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2937 [2] to the problem.
-
ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-2940 [3] to the problem.
-
SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-3780 [4] to the problem.
-
SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-4343 [5] to the problem.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory.
-----BEGIN PGP SIGNATURE----- Comment: OpenPKG openpkg@openpkg.org
iD8DBQFFG88pgHWT4GPEy58RAh8TAJ4/zpIxAmBkivnMe5QzGxHrJHhkbwCg15li sTSkwWgrJGLza3OQ/yQJSfs= =qyrR -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0292",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n________________________________________________________________________\n\nOpenPKG Security Advisory The OpenPKG Project\nhttp://www.openpkg.org/security/ http://www.openpkg.org\nopenpkg-security@openpkg.org openpkg@openpkg.org\nOpenPKG-SA-2006.021 28-Sep-2006\n________________________________________________________________________\n\nPackage: openssl\nVulnerability: denial of service\nOpenPKG Specific: no\n\nAffected Releases: Affected Packages: Corrected Packages:\nOpenPKG CURRENT \u003c= openssl-0.9.8c-20060905 \u003e= openssl-0.9.8d-20060928\nOpenPKG 2-STABLE \u003c= openssl-0.9.8c-2.20060906 \u003e= openssl-0.9.8d-2.20060928\nOpenPKG 2.5-RELEASE \u003c= openssl-0.9.8a-2.5.2 \u003e= openssl-0.9.8a-2.5.3\n\nDescription:\n According to a vendor security advisory [0], four security issues\n were discovered in the cryptography and SSL/TLS toolkit OpenSSL [1]:\n\n 1. This can result in an infinite loop which\n consumes system memory. The Common Vulnerabilities and Exposures\n (CVE) project assigned the id CVE-2006-2937 [2] to the problem. \n\n 2. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack. The Common Vulnerabilities and Exposures (CVE)\n project assigned the id CVE-2006-2940 [3] to the problem. \n\n 3. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. The\n Common Vulnerabilities and Exposures (CVE) project assigned the id\n CVE-2006-3780 [4] to the problem. \n\n 4. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. The\n Common Vulnerabilities and Exposures (CVE) project assigned the id\n CVE-2006-4343 [5] to the problem. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. \n________________________________________________________________________\n\n-----BEGIN PGP SIGNATURE-----\nComment: OpenPKG \u003copenpkg@openpkg.org\u003e\n\niD8DBQFFG88pgHWT4GPEy58RAh8TAJ4/zpIxAmBkivnMe5QzGxHrJHhkbwCg15li\nsTSkwWgrJGLza3OQ/yQJSfs=\n=qyrR\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50560"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0292",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-12T19:52:21.853000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0170
Vulnerability from variot
The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA22679
VERIFY ADVISORY: http://secunia.com/advisories/22679/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.
The vulnerability is reported in the driver on a PowerBook running version 10.4.8.
SOLUTION: Do not place the card into active scanning mode.
PROVIDED AND/OR DISCOVERED BY: H D Moore
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.36"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.6,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.23"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.11"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.01"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.29"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.04"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.0"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.12"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.30"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "lte",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.35"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.08"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.17"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.29"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.16"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.09"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.20"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.3.1"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.04"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.26"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.21"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.08"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.32"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.27"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.16"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.09"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.02"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.33"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "lte",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.37"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.24"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.07"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.17"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.20"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.21"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.14"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.05"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.18"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.15"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.24"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.02"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.07"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.25"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.31"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.13"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.05"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.18"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.28"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.03"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.06"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.19"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.14"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.15"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.10"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.22"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.13"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.03"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.06"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.19"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.11"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.01"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.12"
},
{
"model": "legion-of-the-bouncy-castle-java-crytography-api",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.30"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.22"
},
{
"model": "bouncy-castle-crypto-package",
"scope": "eq",
"trust": 1.0,
"vendor": "bouncycastle",
"version": "1.34"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wireshark",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "crypto package",
"scope": "lt",
"trust": 0.8,
"vendor": "bouncy castle",
"version": "1.36"
},
{
"model": "java cryptography api",
"scope": "lt",
"trust": 0.8,
"vendor": "bouncy castle",
"version": "1.38"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:bouncycastle:bouncy-castle-crypto-package",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. Henson NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
},
"cve": "CVE-2007-6721",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-6721",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6721",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#191336",
"trust": 0.8,
"value": "0.34"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2007-6721",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200903-494",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6721"
},
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51595"
}
],
"trust": 7.02
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6721",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.4
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50358",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50360",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "50359",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "22679",
"trust": 0.9
},
{
"db": "BID",
"id": "20762",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22692",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22672",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22797",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22841",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22929",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22590",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22659",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#723736",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#191336",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716",
"trust": 0.8
},
{
"db": "MLIST",
"id": "[DEV-CRYPTO] 20071109 BOUNCY CASTLE CRYPTO PROVIDER PACKAGE VERSION 1.36 NOW AVAILABLE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494",
"trust": 0.6
},
{
"db": "BID",
"id": "19849",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "51595",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"id": "VAR-200110-0170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-29T22:37:36.551000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "msg08195",
"trust": 0.8,
"url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/csharp/"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50360"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50359"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/50358"
},
{
"trust": 1.6,
"url": "http://www.bouncycastle.org/releasenotes.html"
},
{
"trust": 1.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/22679/"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html"
},
{
"trust": 0.8,
"url": "http://www.wireshark.org/security/wnpa-sec-2006-03.html "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20762 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22590 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22659/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22672/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22692/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22797/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22841/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22929/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://standards.ieee.org/announcements/pr_frames.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6721"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6721"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#723736"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#723736"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"date": "2006-11-03T00:05:01",
"db": "PACKETSTORM",
"id": "51595"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"date": "2009-03-30T01:30:00.217000",
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-12-20T00:00:00",
"db": "CERT/CC",
"id": "VU#723736"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002716"
},
{
"date": "2009-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200903-494"
},
{
"date": "2024-11-21T00:40:50.837000",
"db": "NVD",
"id": "CVE-2007-6721"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wireshark contains an unspecified vulnerability in the XOT dissector",
"sources": [
{
"db": "CERT/CC",
"id": "VU#723736"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200903-494"
}
],
"trust": 0.6
}
}
var-200609-1553
Vulnerability from variot
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA22679
VERIFY ADVISORY: http://secunia.com/advisories/22679/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.
The vulnerability is reported in the driver on a PowerBook running version 10.4.8.
SOLUTION: Do not place the card into active scanning mode.
PROVIDED AND/OR DISCOVERED BY: H D Moore
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1191-1 security@debian.org http://www.debian.org/security/ Martin Schulze October 5th, 2006 http://www.debian.org/security/faq
Package : mozilla-thunderbird Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566 CVE-2006-4568 CVE-2006-4570 CVE-2006-4571 BugTraq ID : 20042
Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:
CVE-2006-2788
Fernando Ribeiro discovered that a vulnerability in the getRawDER
functionallows remote attackers to cause a denial of service
(hang) and possibly execute arbitrary code.
CVE-2006-4340
Daniel Bleichenbacher recently described an implementation error
in RSA signature verification that cause the application to
incorrectly trust SSL certificates.
CVE-2006-4568
A vulnerability has been discovered that allows remote attackers
to bypass the security model and inject content into the sub-frame
of another site.
CVE-2006-4570
Georgi Guninski demonstrated that even with JavaScript disabled in
mail (the default) an attacker can still execute JavaScript when a
mail message is viewed, replied to, or forwarded.
For the stable distribution (sarge) these problems have been fixed in version 1.0.2-2.sarge1.0.8c.1.
For the unstable distribution (sid) these problems have been fixed in version 1.5.0.7-1.
We recommend that you upgrade your Mozilla Thunderbird packages.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc
Size/MD5 checksum: 1003 d7261fba347b9876e873f1d424e60190
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz
Size/MD5 checksum: 519315 066ed351050722c36274e3e837fd174f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz
Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 12855288 285e55a20445ea5dffe79de01baf788c
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 3280106 0206d9fe08e3da2d4bf919c6b2b54ec7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 152092 c5c984f0f11f94cb263f5bbef367de09
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 33520 ed7e6d825f630da666e07914527f2c75
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb
Size/MD5 checksum: 89492 1e9ed565915dc4327e444ad999cc5daa
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 12258904 f40f86252184ce7360b2b9d1e58cef8f
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 3281164 e4e2160d22d4721508f1762804b3b18b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 151124 a72d17f827929c9189f9ba96ff73c7a1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 33512 bbe0fe4a7e56a138c220790ab9de97a6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb
Size/MD5 checksum: 89350 f2b7e1d1d4eb5f1abb2522ddbdb46ff5
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 10345146 4c171699433072d443eb7b35a2550fd2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 3272118 a52ad3d2cd1806e936374537e135d7db
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 143266 9dedbe9b5f45727a93cfccb5c99bf371
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 33522 14d1c0d0af46731075ea7c35c2900258
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb
Size/MD5 checksum: 81318 81219b4c82896fab12427e42df1b2760
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 13570024 3a62ee11075402dfad030e2ede937191
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 3285124 e9cadee2d32b2bcb56b1278043e97da4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 153296 3fecaa707002afb1ba6854da724ad132
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 33520 83e537b9aff4d44fd958043298a1d7f2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb
Size/MD5 checksum: 97390 c3ceeedcf00d99d34c7b5f424da7da63
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 11568436 af1de65bd715970c4432149aec80b2a2
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 3507870 5dab89db24f1443fe782dc931f4ee0af
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 146732 bc52082cd1ab0f026c401204cd63b4a7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 33518 5d3c9700cce7b9c0261c246ed7b8afd4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb
Size/MD5 checksum: 88084 e244c9c8b7224814774bef13f4213d4e
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 14628630 07bfcc171f449b86b9d62f903e29d506
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 3291260 d7186841974796f8f90be26700801a95
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 155452 e17eb664e56fcc0809dd36580f92cc1a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 33514 fc890529fdea5526a05ffd16b96f5956
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb
Size/MD5 checksum: 107220 eb93528d586b050ecc3b60742b4fa344
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 10794842 fa716b92e3c7a9d67fad6fd453c78bb4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 3271690 d95eb910dd6d38de41c17fcb6b1c4696
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 145054 2b7570676e15cea809905c442f91b5e0
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 33550 3db6c520d1c489fb4e17501d19dececf
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb
Size/MD5 checksum: 82556 32d25c11844a48ed963e3c5c51ff34fc
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 11948708 4f58ce9668da6a12b823edaa3c8b35b3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 3279410 e639b2bf43eda95d3ca3bb0b9aec6df7
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 148042 cb6ee4a9bd4dec3166e48e356b9c3465
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 33524 2765555b00f4ed717b34e98c5c0d9c02
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb
Size/MD5 checksum: 84748 0e934e90bb6bd47c7500fd665728ba27
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 11817078 4239077894c74444d33063229dd847df
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 3280416 ac165850436e63818da8fffe134628d1
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 147600 ae6d7ff1b34dddab3d0c18d6e38bc77b
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 33518 27bed1b95a4e34a291c7e67c6a9fdd37
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb
Size/MD5 checksum: 84650 173fefc8b58b15398b3cccad2c812495
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 10912494 d13ec5b97f5fde0795e5f762330756f6
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 3270108 dbd7eb3154db4a379fcfcda6b7d414b9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 145048 b9ab45845f58fb064d7d1ae449481db9
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 33526 b5e07e26d215581b4cc0fea6d71beaf3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb
Size/MD5 checksum: 81478 b57b8038afbfd5490a6cf847e740ab60
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 12705708 68195861caccd07a18a379ffe2e88403
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 3280614 38dec996622a4e1762a1ef683bba9c43
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 151436 b54ba7420653e63746d019b979f3ae76
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 33516 e24dafe27c103a8d40de9a905b052311
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb
Size/MD5 checksum: 89290 9daa1eb634834e02aefde0a594bcd0f9
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 11181284 adedd4c6302ddb868a531810d226143a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 3275816 c38922ec47674939277e6984f87c0eb4
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 144702 9183a627463aa564a0313d4d361d22f3
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 33528 5f87736faa9ee0a9b10e29c48280798a
http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb
Size/MD5 checksum: 83122 72966880dc02a1b472dcac7b1404fa58
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFJNsFW5ql+IAeqTIRAgeZAJ0dYXyy9QKfcADcFekhEP7n0hfqeACgpro4 H5iKBfGUezJNoEbseNfM8+Q= =Dv+0 -----END PGP SIGNATURE-----
.
Background
The Mozilla Network Security Service is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/nss < 3.11.3 >= 3.11.3
Description
Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. This impacts any software using the NSS library, like the Mozilla products Firefox, Thunderbird and Seamonkey.
Workaround
There is no known workaround at this time.
Resolution
All NSS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/nss-3.11.3"
Note: As usual after updating a library, you should run 'revdep-rebuild' (from the app-portage/gentoolkit package) to ensure that all applications linked to it are properly rebuilt.
References
[ 1 ] CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 [ 2 ] CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
This update provides the latest Firefox to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571 http://www.mozilla.org/security/announce/2006/mfsa2006-57.html http://www.mozilla.org/security/announce/2006/mfsa2006-58.html http://www.mozilla.org/security/announce/2006/mfsa2006-59.html http://www.mozilla.org/security/announce/2006/mfsa2006-60.html http://www.mozilla.org/security/announce/2006/mfsa2006-61.html http://www.mozilla.org/security/announce/2006/mfsa2006-62.html http://www.mozilla.org/security/announce/2006/mfsa2006-64.html
Updated Packages:
Mandriva Linux 2006.0: 4e750ef25e44a1b493d2a61ad5f9a7a2 2006.0/i586/devhelp-0.10-7.2.20060mdk.i586.rpm e6cd690c11d4e8f352d2ce7bf0f7d4be 2006.0/i586/epiphany-1.8.5-4.2.20060mdk.i586.rpm b2f094942eca657f3dc7a8699cb8b776 2006.0/i586/epiphany-devel-1.8.5-4.2.20060mdk.i586.rpm c4ae8fc253aa1fe055ec4c1560205fab 2006.0/i586/epiphany-extensions-1.8.2-3.2.20060mdk.i586.rpm 08cde29a26e6ac2d0e3b629f660db9fe 2006.0/i586/galeon-2.0.1-1.2.20060mdk.i586.rpm 9c94b904a9f2c64090328edd73d0e1fa 2006.0/i586/libdevhelp-1_0-0.10-7.2.20060mdk.i586.rpm b5ad67818794371f50d63a611c79b45b 2006.0/i586/libdevhelp-1_0-devel-0.10-7.2.20060mdk.i586.rpm fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/i586/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm 770e8d6c5643c78f486ae2c115f7c740 2006.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm ffb123d21760cbba92a232dfb1150b7e 2006.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mdk.i586.rpm fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/i586/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/i586/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm 2596f8b787cea221c80a85fd0854f766 2006.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mdk.i586.rpm c912e48bd5138b8f42b24b3c34653a19 2006.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.i586.rpm 1a82466395715237df552070e51f6525 2006.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.i586.rpm 514de0cacb2462a8a6a26206ac18b617 2006.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.i586.rpm 70415104d0814a6e94c1997c0c464957 2006.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.i586.rpm c2b5a360abd1a8a3e78dd8e9df072b4c 2006.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.i586.rpm f8dd2e9e5a5e374782d9154b09ca7b7d 2006.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.i586.rpm a20a2bee8f26440b13294ef6247f66ec 2006.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.i586.rpm c60d356eddf74e8799b239a925b35953 2006.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.i586.rpm 5b4fbc76811530cfc20ef319daf2f577 2006.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.i586.rpm fdc7591dc15dce7e373f4e167fb2c769 2006.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.i586.rpm 00a17b297ea7b7ee31a3fca5d3109ffc 2006.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.i586.rpm 2bee9151bc0e40bf1ff22a9224643dcb 2006.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.i586.rpm 03285b22a86c82b8558467befb5fa04b 2006.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.i586.rpm f9dbe9c8d7b907e6c1a80f0bce2d9323 2006.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.i586.rpm 4e13ea6856a71514c569581e06515ae8 2006.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.i586.rpm 81b56a020127b1e9c41facb963e670be 2006.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.i586.rpm 3a14f0cee1271d5f4cfedc8967a2be45 2006.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.i586.rpm 9612ac69d69114d1da1dc1bfa6530d9b 2006.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.i586.rpm 9a47da16333b9c1d839e19420ab5c3a5 2006.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.i586.rpm ea5b214a43077114d8adaf184ba6ce61 2006.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.i586.rpm ebf899b39e850438dd4cfb1bbab9ba8d 2006.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.i586.rpm 18522be12bdda788de662d07d5a07e08 2006.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.i586.rpm 19a62453c05c0443aa2999a177d50dac 2006.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.i586.rpm 352aa6197b0b79025f5a71a3135d95c9 2006.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.i586.rpm 64b460d997ff70bf0ff50400c20a98e1 2006.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.i586.rpm 1f67f28a68d57baa96523ef05ccd1bbe 2006.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.i586.rpm f5b2681e10e6eb68e4fb9041262b65c5 2006.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.i586.rpm 8d47794342c430b50dc04f7d4c65cf9d 2006.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.i586.rpm d975c5d5ec3c8fed8846f02105ba4795 2006.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.i586.rpm 563d01331a992ec6ded54d5118bc10ad 2006.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.i586.rpm 4da569e782da6c5b98eab4862c335600 2006.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.i586.rpm 4a77a4d9b22704184694a1a0580440f5 2006.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.i586.rpm 0a153e8351a1ffdfadf067cdf9b2ee06 2006.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.i586.rpm e7ed42daf0c68890a34422d8f5b7dcf6 2006.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.i586.rpm 542ce6ba9713683b8a741ab921cd3e45 2006.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.i586.rpm 55c8c83ad72d6289bf1d45ea517b74ba 2006.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.i586.rpm 591beaf9e8abf8911f023fb147efe765 2006.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.i586.rpm 23b9d2502d7cb24aeea82f358a428ec2 2006.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.i586.rpm be8acdc18fe55ea8a9d0afc553bf21d3 2006.0/i586/yelp-2.10.0-6.2.20060mdk.i586.rpm 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 8f79a25451b9f41d48df89f996869cc7 2006.0/x86_64/devhelp-0.10-7.2.20060mdk.x86_64.rpm a9b851ddb7a77ee0f6d73c9a475658e0 2006.0/x86_64/epiphany-1.8.5-4.2.20060mdk.x86_64.rpm 606bb2a3ece209a7c260fd81d776c123 2006.0/x86_64/epiphany-devel-1.8.5-4.2.20060mdk.x86_64.rpm bb99bf7ed2e5608849cb9b0bcac49041 2006.0/x86_64/epiphany-extensions-1.8.2-3.2.20060mdk.x86_64.rpm 6caf5e05026177525d0d04225e5dcc4a 2006.0/x86_64/galeon-2.0.1-1.2.20060mdk.x86_64.rpm 2ef32f51f707beff08db88d61aab842d 2006.0/x86_64/lib64devhelp-1_0-0.10-7.2.20060mdk.x86_64.rpm 50b6716aa33e6065ce0ba0b107fb3a8c 2006.0/x86_64/lib64devhelp-1_0-devel-0.10-7.2.20060mdk.x86_64.rpm 0b3997e3f646af18f684fdce56194ae3 2006.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mdk.x86_64.rpm 75e63b4f3785b8c7fa4924d7f30be921 2006.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm cda6b659c2777c44fdde0ac3ab1fb11b 2006.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm 4f3e6424fa71a629be1b81415fe2b875 2006.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mdk.x86_64.rpm 7bd353454999969148524636267b68c5 2006.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/x86_64/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm 770e8d6c5643c78f486ae2c115f7c740 2006.0/x86_64/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/x86_64/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/x86_64/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm 561212c426f35a3e2393ad3acbf11bda 2006.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mdk.x86_64.rpm a4a76ca919cec68bef5ec0521e4185b2 2006.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.x86_64.rpm e23f698f02d78a8d8b2ac056e91f106a 2006.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.x86_64.rpm 1e815c45fb57ee56bd4d4258a8cda5ad 2006.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.x86_64.rpm 1c348254b80cec87c2b804825cdd8a5d 2006.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.x86_64.rpm 6eac0be09030f9ed629107600bcbf88f 2006.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.x86_64.rpm a06b4569f5392501df97fb209315782f 2006.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.x86_64.rpm 98aac82b44a66047d884b95f251cd6c5 2006.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.x86_64.rpm 9479078391f288562b612afff9cb994e 2006.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm 247dce39896e7230ffda5ca8bc58d736 2006.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.x86_64.rpm a86cb00b8b07cd45a1274ddc318de2bd 2006.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.x86_64.rpm 8ba8f4e4d9fcfef9f3cc4ac71b15c5df 2006.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.x86_64.rpm 4c477d0ef8c843b9416185508c9181a1 2006.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.x86_64.rpm 6e9c4c9c6ba8cfefd32e4d135943824d 2006.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.x86_64.rpm b8046ef3da338188287fa9a8ebfb9515 2006.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.x86_64.rpm 1609e86fa50ef7c5c3ef827bf47090e8 2006.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.x86_64.rpm 5cdf122cafadd7f2125d42246402e29d 2006.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.x86_64.rpm 75f82717c62d51d00ba25abcdf3e26a5 2006.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.x86_64.rpm 75b03be94bdea20dbbf361a3a295e4c9 2006.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.x86_64.rpm 672f36e40f7c5463b5e771bcaeae31af 2006.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.x86_64.rpm 8cf3e2082d406f71c4c7d3f638792e1e 2006.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.x86_64.rpm 4f0f77a0b9fd79a671857fd330933289 2006.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.x86_64.rpm b5c00962987efb764ea77e76c9734c79 2006.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.x86_64.rpm f788aefcdac5b098d8853a3ef4fe146c 2006.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.x86_64.rpm 4afff3966656a65b55290d08d446d864 2006.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.x86_64.rpm e63e4db3037a915ac24dca78e5ae8617 2006.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.x86_64.rpm 7e443e15233a3db5b76ae7c299d1e7d9 2006.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.x86_64.rpm 75ca84a45213c2d33d66b68c649dd875 2006.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.x86_64.rpm 7a8cd126f5f5c63d45efe79a1e78e94d 2006.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.x86_64.rpm 342155314a7801a1637d807e8ae8754d 2006.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.x86_64.rpm 359e5cb75905f2c08b49ecb1eccdf335 2006.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.x86_64.rpm fa480b18d46eaed805f8fe0c92f6a9fe 2006.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.x86_64.rpm 3233bb351b6c89deb25a6722df088e9a 2006.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.x86_64.rpm f1347555bb50e32c58ac3edba31f3d1a 2006.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.x86_64.rpm c20fd1c8861e74829879a63075fdf2f4 2006.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.x86_64.rpm 8c73daea2686e503d3367d112c4c691e 2006.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.x86_64.rpm 59d920837831e1a165ce19447066b4e5 2006.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.x86_64.rpm 869bea0fbfc6b2c65ab525d80aed03b9 2006.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.x86_64.rpm 1b867a3b0b7d8efd86377d0f0dcb67c3 2006.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.x86_64.rpm 12ab7912491456d673058667c8c0dc3a 2006.0/x86_64/yelp-2.10.0-6.2.20060mdk.x86_64.rpm 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm
Corporate 3.0: c106557de1e045e5840a453d710b63e7 corporate/3.0/i586/libnspr4-1.5.0.7-0.1.C30mdk.i586.rpm b5a3de7c01f7a4187f85bc66db242c67 corporate/3.0/i586/libnspr4-devel-1.5.0.7-0.1.C30mdk.i586.rpm 8d1cfeaf1cb031bc1ec4519994801b6a corporate/3.0/i586/libnspr4-static-devel-1.5.0.7-0.1.C30mdk.i586.rpm d08546a25f6e78701feed1d67d53fabd corporate/3.0/i586/libnss3-1.5.0.7-0.1.C30mdk.i586.rpm 3371ded40c0bd1a8e828d9e92aed09fd corporate/3.0/i586/libnss3-devel-1.5.0.7-0.1.C30mdk.i586.rpm 6d635b07ba60ed49fe27d4c633204520 corporate/3.0/i586/mozilla-firefox-1.5.0.7-0.1.C30mdk.i586.rpm aa83aaff11daa5889c9d36c928075341 corporate/3.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.i586.rpm 059c5de9e7a5f658cfbc692c913b3403 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.i586.rpm 63b8a1a7db1568964fe4dc1d32552f52 corporate/3.0/i586/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.i586.rpm cf48e548709250792e5a87c12db71cf1 corporate/3.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.i586.rpm 90c83713c4fd403c9999cf52c56eb282 corporate/3.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.i586.rpm 91279bd7d327c1a3bc0855cb06007f82 corporate/3.0/i586/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.i586.rpm 1fec2333c2988cc7cb7238d5bcf1812d corporate/3.0/i586/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.i586.rpm debf0c0ddd775793cd87fedcaefc5cf7 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.i586.rpm 6e9ec67c3a28bde55146ca1f475cb847 corporate/3.0/i586/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.i586.rpm 53c7defd9f6f8168990e4f4d4fa3a495 corporate/3.0/i586/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.i586.rpm 5ac67c7e12f4edd0429bc2f085e438e6 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.i586.rpm 5d4ac2f2cd3d6aecd52365e54aa85d66 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.i586.rpm aad00d0da3781f7165ed63df0276962d corporate/3.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.i586.rpm c531c8f33674e476980aa2cf112440bc corporate/3.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.i586.rpm 8f33047a9c560757a90831ea415ef814 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.i586.rpm ec0a957af4cd462f58c3d846a37d68b4 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.i586.rpm 1f8f0a6a7f962c1b1cf9d3dec38af0e2 corporate/3.0/i586/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.i586.rpm 354c14637e7df983f16903f46bf81171 corporate/3.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.i586.rpm b9fdd2f2db6f74ef240e23ace3a3a0c3 corporate/3.0/i586/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.i586.rpm 831a3b7c411cc716527dfe1c97d63de2 corporate/3.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.i586.rpm a89843c85143fa62e264f37df634b920 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.i586.rpm 382ff5621db369b06e9d76a41a4fa509 corporate/3.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.i586.rpm 4181358e7b0b84ff907bd5173be137d2 corporate/3.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.i586.rpm 6da617d32c9eb917180eddd62aeabf54 corporate/3.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.i586.rpm c0e559c0dc865c97435a918d77d690dd corporate/3.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.i586.rpm 05a64d9e97c0ec16b661d93e4c49ba93 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.i586.rpm ef2379b44f8e241a7811eee7031e9838 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.i586.rpm 08f36ddea8f0b8ad5decc76b6ebf7106 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.i586.rpm 9af857fcd8a7e98707ae77fcbd17e25d corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.i586.rpm 5b23c90450de3a6ee1b879dafb4e0ebb corporate/3.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.i586.rpm 646d7d7ca0374da1d90c77ff827b7a3b corporate/3.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.i586.rpm 25746d2ce3a97f620f1c098daef474ed corporate/3.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.i586.rpm fb12bfb159f9d9a291e838cb6994daa5 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.i586.rpm 962b2b084cde62a28341c177d006b755 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.i586.rpm 784906446777df1d03ba5ac75e790104 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.i586.rpm 543df7658745731ec6341a1d46901e5e corporate/3.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.i586.rpm ef4728e96d4c1dadc4e9286022c6fc1a corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.i586.rpm f974e234f39298065b5a120da2aad80f corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.i586.rpm da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm
Corporate 3.0/X86_64: 38e5d39281cf8fe28ae400ef6880ed82 corporate/3.0/x86_64/lib64nspr4-1.5.0.7-0.1.C30mdk.x86_64.rpm 8594d09e78d9ec76bed9bb5bf9065a9d corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 88ea20792afc414a8511312fc53c9973 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 0749638fca3fc55a0c84b374c8ddce4c corporate/3.0/x86_64/lib64nss3-1.5.0.7-0.1.C30mdk.x86_64.rpm 3bd450c319eada8936baad026c0e7edc corporate/3.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 86a6c461d4b783867fbf62dba98b76a0 corporate/3.0/x86_64/mozilla-firefox-1.5.0.7-0.1.C30mdk.x86_64.rpm fa3bdb060dc9933093cd59604e0e9770 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.x86_64.rpm cf50847d5e76e5a9b0cd9c48a156f919 corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.x86_64.rpm 5251818cebcf07fdb025aded5d99f092 corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.x86_64.rpm 1ae9e70895e0bfb45034d2cfa4c937b8 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.x86_64.rpm 3585c137dc33769069e8961fa5a7ae7b corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.x86_64.rpm e10f6d78aa54d325f8a38d7f8729f1ac corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.x86_64.rpm 62bd1fd39df7abf0ce81eb9d711f6d14 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.x86_64.rpm e34c011d455b576e4e27b20d4bc057db corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm aebe66911dac80623339aee380ec165a corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.x86_64.rpm 3c5f109ae088242966604dce6338f07b corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.x86_64.rpm 17ef425bc7fc131b9de3632fb92317d1 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.x86_64.rpm 15ea134fde2b507f46e6e4faf243135f corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.x86_64.rpm ce6f4aa7a0fb1ac425afc5d915bb392d corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.x86_64.rpm 13b0b693682e7def5e320473342cf4a0 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.x86_64.rpm d5fd81f204e46d15b6d1124376ab0930 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.x86_64.rpm cb389fc624d1961cf2ab00488bad7cef corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.x86_64.rpm 3cd572d77c055bf562c3678c513ff3c8 corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.x86_64.rpm ea7215256650d751ae2ce0d20812fa96 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.x86_64.rpm 57fcf8c6e9f251d3eb4f0096ca55cea3 corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.x86_64.rpm d7f6310911b7e049876f7b70c16b8ccc corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.x86_64.rpm 8c0b97b440922510631400b5aea900ac corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.x86_64.rpm 8045c85ca598518aff6c7ead8f3fbf61 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.x86_64.rpm 996d7bb252cf32b3ddce18a90b4bb8d9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.x86_64.rpm 5a3b346110144f79e05c20d13ac90663 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.x86_64.rpm c56729c0896b11a9e49875fe2b493872 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.x86_64.rpm da6306fcba9fba87d98f68208e752bf8 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.x86_64.rpm e94eca882ce53af3086bac6cf70076ea corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.x86_64.rpm 810bc3ca66d52d5537ece20a12679fec corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.x86_64.rpm c97bcde75d8118bb3d6c38428b811cc9 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.x86_64.rpm 629ec7999ae3fd23e36e2c6722847bbe corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.x86_64.rpm ad435041d1138f8a38a0a0739cff18d8 corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.x86_64.rpm f76501363a31bcd388f5edcc80881196 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.x86_64.rpm e400f4b7e77307c8c5ab1bc26691168a corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.x86_64.rpm 126f45e769e463182b4ade57183684c1 corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.x86_64.rpm 160b09d1c10d0b781d8c1a17779432ed corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.x86_64.rpm c5c363d0552c8365bf5dc6a0936d28b2 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.x86_64.rpm c4baf08469f1dbea8924429a7ec7b86e corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.x86_64.rpm b9ce84c78e92b6f5e75954ada2706722 corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.x86_64.rpm da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm
Corporate 4.0: 64a0356cc8f1b1ffcdfdef3d8d146cc5 corporate/4.0/i586/libnspr4-1.5.0.7-0.1.20060mlcs4.i586.rpm 3f0b705031d1e95280e8194338b2d381 corporate/4.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm 1bba2e76f21b670f44ba65f8c92b67e1 corporate/4.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm cb10e515e0fad365a81273a9b620cbc7 corporate/4.0/i586/libnss3-1.5.0.7-0.1.20060mlcs4.i586.rpm 3534b6f0e0b64686aee7b0758ec33daf corporate/4.0/i586/libnss3-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm c3aa90658d2adeb4e6543426c493a0fe corporate/4.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.i586.rpm 122e2ce3928dd2898118533f45f851e1 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.i586.rpm 3ade855a9fc71980eec72c8dbc107ae3 corporate/4.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.i586.rpm c189b7b4b54f4bdf040635750df007f8 corporate/4.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.i586.rpm 360d587d53e2a9c47dfff8a9137f1b4c corporate/4.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.i586.rpm c2fa5da5d44a5f70bb49d5b4ba7e86e6 corporate/4.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.i586.rpm 5df7bf2ff4059259ed0b5ea9f3587cc3 corporate/4.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.i586.rpm 278a321f6ee5928135585f03a05ae642 corporate/4.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.i586.rpm cd37b5dfe36b72fb482be5abc4bbbba7 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm 9b49e02711849a4babedfa63c6aadefb corporate/4.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.i586.rpm d8293192b06e5a91df8314ecba17880e corporate/4.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.i586.rpm 5839e97fa06cca289121be5f33e9286d corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.i586.rpm 34d184e85b53c369a713c08f66e601dc corporate/4.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.i586.rpm ab7b43c629095beee26dbb1381fbff9d corporate/4.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.i586.rpm 79cfc37305b6a3977d7c7333c7e883de corporate/4.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.i586.rpm 7e8f28d446d6e574d8a1521059c03144 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.i586.rpm 0d2dd482cc76fb0df96c0bc5f4fa5844 corporate/4.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.i586.rpm 58959b3a1d43cc2a666361804daa88f1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.i586.rpm ded59cf4be8835dc0ada86add049ed86 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.i586.rpm 8afd66b33e600714238e360a127df36e corporate/4.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.i586.rpm ef6a89b44e3b120f1bae29217728f196 corporate/4.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.i586.rpm 1532d01d8123e87ee1103292ed95f68d corporate/4.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.i586.rpm 8c0667ab59c15a9b66097f5e86df7220 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.i586.rpm bcec75d2b059d123d6c21dae29baee00 corporate/4.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.i586.rpm f5afdfd15e40f4ec6323a8cac098cb78 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.i586.rpm 1544a7236d6a10521f89234feaff9435 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.i586.rpm 53834f537b0eacd3bb59a2ccc6a40ea6 corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.i586.rpm 70171f6ba3c24b51ec29be154e129bce corporate/4.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.i586.rpm 4e64eee4ed44068cb9db5c77730c71b8 corporate/4.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.i586.rpm d990c04de7c285225c51067ff92d8a58 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.i586.rpm 04ee85bd5b28b12466bcd8189d4ae480 corporate/4.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.i586.rpm 222528603f2d88e4e46178620328ac7e corporate/4.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.i586.rpm caacac0ace4c80fbf0d917ea95070114 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.i586.rpm e4aabb47eacf2bcbb517e6890935d4e9 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.i586.rpm e55300aa65e586aba56e5b75c3d0f0d7 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.i586.rpm 8d857f4d255e86e4b1db933ab75a88b5 corporate/4.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.i586.rpm 0d4998a9483e67ad0a484d8535950401 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.i586.rpm 0677248472dd1f219ac4c633b3ae8427 corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.i586.rpm 025ee723e8a157de742313163d8199e6 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.i586.rpm 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: e9362e7e9d164dcf20ac2dd178057783 corporate/4.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 27152d5c4d45cfe65038b90014f4b128 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a520a8169e6f7fa9636c7434820263cc corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 73fa1146e61ddf2baea07f4e51b247a2 corporate/4.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 77c656121a9efaefb5bf8bea7416a190 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 1353fe3c1c7740891cca051691f2a844 corporate/4.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 6e547a34386d9220269f6971df84459b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 37bd5e53ce8bd1196991a1d48c7d3fc2 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.x86_64.rpm d8efb7b371fa3bc9d7dbda4d82bcea69 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a4eb36d0ed16b308bf8146758468f720 corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 1f3f6299c228a51c39dd9036d501baf3 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b7ed3aee73652f317d41612746b7f79e corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.x86_64.rpm aa5e7732031b216f6cc4552b7e5bfe22 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b99863ae0bc816222fec7afd596b4b38 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 22b5ef994c3f38b7b5a63808f0ef9c47 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a5033ebf881cab82e063df8ffe29e22b corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 387dfb400ed59319e932a19e2dd4fe09 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 2a114b7e832d12fad87f2ad76ed89a7d corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm eced7a780c5f758eef5a0f71f43ed261 corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 854bc6729675ed8670330f3da1e520b2 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b73ac49803411c5afb96d87cde8a89c9 corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.x86_64.rpm ca9a93da5b7f4dfc1eca188267891a66 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 267f8dc1ca9e04115050a311eebd00f1 corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 516850fa1de5417fdb96ab50fee1504f corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm ec13f241ff41c46590e31fd8339ffae7 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 00eddff4c17ce23c148cbb2bfd27bc59 corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 896cc9b5af7e66ddbf67ad819083a9aa corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 52a752441fc870f33e792860ec328ecd corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b418b4371503ed9502ca7eab01c6d86e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 801a63774bfd94ac7e292b97bc1c88a6 corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 4998a34e227bcd0de4c64a08198cda13 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 0f809660f4c1e45133fc01003acee854 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm da3f053868769c3d1705158b925a3312 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b53c13931bdcebb9dec07ccb7512cc0d corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 431f220901edaf32f504ee6dfd7d8262 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 45d21d5351be8762640ae3038458c6b8 corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 3bb59b3ca297d90181276683db70ceb7 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.x86_64.rpm cce30e727a3dba740a537ec0040248f2 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 7221b6655d4061eb29ed5150f87b3706 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm dd7c39076b8bb01d1b4432ba9cb29f12 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.x86_64.rpm cacf45d88765c0c26d7256e5f392c2df corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 703558369cbe9e4920eab509134d3a7e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 817fd873fb5f997916d61b2cf078d2c3 corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm fe95060a37a586f98f5c3683131a9ef2 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1553",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firefox",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "network security services",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.11.2"
},
{
"model": "seamonkey",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"model": "thunderbird",
"scope": "lte",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4340",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2006-4340",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4340",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#191336",
"trust": 0.8,
"value": "0.34"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1191-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nOctober 5th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-thunderbird\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566\n CVE-2006-4568 CVE-2006-4570 CVE-2006-4571\nBugTraq ID : 20042\n\nSeveral security related problems have been discovered in Mozilla and\nderived products such as Mozilla Thunderbird. The Common\nVulnerabilities and Exposures project identifies the following\nvulnerabilities:\n\nCVE-2006-2788\n\n Fernando Ribeiro discovered that a vulnerability in the getRawDER\n functionallows remote attackers to cause a denial of service\n (hang) and possibly execute arbitrary code. \n\nCVE-2006-4340\n\n Daniel Bleichenbacher recently described an implementation error\n in RSA signature verification that cause the application to\n incorrectly trust SSL certificates. \n\nCVE-2006-4568\n\n A vulnerability has been discovered that allows remote attackers\n to bypass the security model and inject content into the sub-frame\n of another site. \n\nCVE-2006-4570\n\n Georgi Guninski demonstrated that even with JavaScript disabled in\n mail (the default) an attacker can still execute JavaScript when a\n mail message is viewed, replied to, or forwarded. \n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.0.2-2.sarge1.0.8c.1. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5.0.7-1. \n\nWe recommend that you upgrade your Mozilla Thunderbird packages. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc\n Size/MD5 checksum: 1003 d7261fba347b9876e873f1d424e60190\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz\n Size/MD5 checksum: 519315 066ed351050722c36274e3e837fd174f\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz\n Size/MD5 checksum: 33288906 806175393a226670aa66060452d31df4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 12855288 285e55a20445ea5dffe79de01baf788c\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 3280106 0206d9fe08e3da2d4bf919c6b2b54ec7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 152092 c5c984f0f11f94cb263f5bbef367de09\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 33520 ed7e6d825f630da666e07914527f2c75\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb\n Size/MD5 checksum: 89492 1e9ed565915dc4327e444ad999cc5daa\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 12258904 f40f86252184ce7360b2b9d1e58cef8f\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 3281164 e4e2160d22d4721508f1762804b3b18b\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 151124 a72d17f827929c9189f9ba96ff73c7a1\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 33512 bbe0fe4a7e56a138c220790ab9de97a6\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb\n Size/MD5 checksum: 89350 f2b7e1d1d4eb5f1abb2522ddbdb46ff5\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 10345146 4c171699433072d443eb7b35a2550fd2\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 3272118 a52ad3d2cd1806e936374537e135d7db\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 143266 9dedbe9b5f45727a93cfccb5c99bf371\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 33522 14d1c0d0af46731075ea7c35c2900258\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb\n Size/MD5 checksum: 81318 81219b4c82896fab12427e42df1b2760\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 13570024 3a62ee11075402dfad030e2ede937191\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 3285124 e9cadee2d32b2bcb56b1278043e97da4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 153296 3fecaa707002afb1ba6854da724ad132\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 33520 83e537b9aff4d44fd958043298a1d7f2\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb\n Size/MD5 checksum: 97390 c3ceeedcf00d99d34c7b5f424da7da63\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 11568436 af1de65bd715970c4432149aec80b2a2\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 3507870 5dab89db24f1443fe782dc931f4ee0af\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 146732 bc52082cd1ab0f026c401204cd63b4a7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 33518 5d3c9700cce7b9c0261c246ed7b8afd4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb\n Size/MD5 checksum: 88084 e244c9c8b7224814774bef13f4213d4e\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 14628630 07bfcc171f449b86b9d62f903e29d506\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 3291260 d7186841974796f8f90be26700801a95\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 155452 e17eb664e56fcc0809dd36580f92cc1a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 33514 fc890529fdea5526a05ffd16b96f5956\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb\n Size/MD5 checksum: 107220 eb93528d586b050ecc3b60742b4fa344\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 10794842 fa716b92e3c7a9d67fad6fd453c78bb4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 3271690 d95eb910dd6d38de41c17fcb6b1c4696\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 145054 2b7570676e15cea809905c442f91b5e0\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 33550 3db6c520d1c489fb4e17501d19dececf\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb\n Size/MD5 checksum: 82556 32d25c11844a48ed963e3c5c51ff34fc\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 11948708 4f58ce9668da6a12b823edaa3c8b35b3\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 3279410 e639b2bf43eda95d3ca3bb0b9aec6df7\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 148042 cb6ee4a9bd4dec3166e48e356b9c3465\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 33524 2765555b00f4ed717b34e98c5c0d9c02\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb\n Size/MD5 checksum: 84748 0e934e90bb6bd47c7500fd665728ba27\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 11817078 4239077894c74444d33063229dd847df\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 3280416 ac165850436e63818da8fffe134628d1\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 147600 ae6d7ff1b34dddab3d0c18d6e38bc77b\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 33518 27bed1b95a4e34a291c7e67c6a9fdd37\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb\n Size/MD5 checksum: 84650 173fefc8b58b15398b3cccad2c812495\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 10912494 d13ec5b97f5fde0795e5f762330756f6\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 3270108 dbd7eb3154db4a379fcfcda6b7d414b9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 145048 b9ab45845f58fb064d7d1ae449481db9\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 33526 b5e07e26d215581b4cc0fea6d71beaf3\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb\n Size/MD5 checksum: 81478 b57b8038afbfd5490a6cf847e740ab60\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 12705708 68195861caccd07a18a379ffe2e88403\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 3280614 38dec996622a4e1762a1ef683bba9c43\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 151436 b54ba7420653e63746d019b979f3ae76\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 33516 e24dafe27c103a8d40de9a905b052311\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb\n Size/MD5 checksum: 89290 9daa1eb634834e02aefde0a594bcd0f9\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 11181284 adedd4c6302ddb868a531810d226143a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 3275816 c38922ec47674939277e6984f87c0eb4\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 144702 9183a627463aa564a0313d4d361d22f3\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 33528 5f87736faa9ee0a9b10e29c48280798a\n http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb\n Size/MD5 checksum: 83122 72966880dc02a1b472dcac7b1404fa58\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFJNsFW5ql+IAeqTIRAgeZAJ0dYXyy9QKfcADcFekhEP7n0hfqeACgpro4\nH5iKBfGUezJNoEbseNfM8+Q=\n=Dv+0\n-----END PGP SIGNATURE-----\n\n. \n\nBackground\n==========\n\nThe Mozilla Network Security Service is a library implementing security\nfeatures like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,\nS/MIME and X.509 certificates. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/nss \u003c 3.11.3 \u003e= 3.11.3\n\nDescription\n===========\n\nDaniel Bleichenbacher discovered that it might be possible to forge\nsignatures signed by RSA keys with the exponent of 3. This impacts any software using the NSS library, like the\nMozilla products Firefox, Thunderbird and Seamonkey. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll NSS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/nss-3.11.3\"\n\nNote: As usual after updating a library, you should run\n\u0027revdep-rebuild\u0027 (from the app-portage/gentoolkit package) to ensure\nthat all applications linked to it are properly rebuilt. \n\nReferences\n==========\n\n [ 1 ] CVE-2006-4339\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n [ 2 ] CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n This update provides the latest Firefox to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571\n http://www.mozilla.org/security/announce/2006/mfsa2006-57.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-58.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-59.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-60.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-61.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-62.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-64.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 4e750ef25e44a1b493d2a61ad5f9a7a2 2006.0/i586/devhelp-0.10-7.2.20060mdk.i586.rpm\n e6cd690c11d4e8f352d2ce7bf0f7d4be 2006.0/i586/epiphany-1.8.5-4.2.20060mdk.i586.rpm\n b2f094942eca657f3dc7a8699cb8b776 2006.0/i586/epiphany-devel-1.8.5-4.2.20060mdk.i586.rpm\n c4ae8fc253aa1fe055ec4c1560205fab 2006.0/i586/epiphany-extensions-1.8.2-3.2.20060mdk.i586.rpm\n 08cde29a26e6ac2d0e3b629f660db9fe 2006.0/i586/galeon-2.0.1-1.2.20060mdk.i586.rpm\n 9c94b904a9f2c64090328edd73d0e1fa 2006.0/i586/libdevhelp-1_0-0.10-7.2.20060mdk.i586.rpm\n b5ad67818794371f50d63a611c79b45b 2006.0/i586/libdevhelp-1_0-devel-0.10-7.2.20060mdk.i586.rpm\n fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/i586/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm\n 770e8d6c5643c78f486ae2c115f7c740 2006.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n ffb123d21760cbba92a232dfb1150b7e 2006.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/i586/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm\n 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/i586/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 2596f8b787cea221c80a85fd0854f766 2006.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mdk.i586.rpm\n c912e48bd5138b8f42b24b3c34653a19 2006.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.i586.rpm\n 1a82466395715237df552070e51f6525 2006.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.i586.rpm\n 514de0cacb2462a8a6a26206ac18b617 2006.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.i586.rpm\n 70415104d0814a6e94c1997c0c464957 2006.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.i586.rpm\n c2b5a360abd1a8a3e78dd8e9df072b4c 2006.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.i586.rpm\n f8dd2e9e5a5e374782d9154b09ca7b7d 2006.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.i586.rpm\n a20a2bee8f26440b13294ef6247f66ec 2006.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.i586.rpm\n c60d356eddf74e8799b239a925b35953 2006.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 5b4fbc76811530cfc20ef319daf2f577 2006.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.i586.rpm\n fdc7591dc15dce7e373f4e167fb2c769 2006.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.i586.rpm\n 00a17b297ea7b7ee31a3fca5d3109ffc 2006.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.i586.rpm\n 2bee9151bc0e40bf1ff22a9224643dcb 2006.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.i586.rpm\n 03285b22a86c82b8558467befb5fa04b 2006.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.i586.rpm\n f9dbe9c8d7b907e6c1a80f0bce2d9323 2006.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.i586.rpm\n 4e13ea6856a71514c569581e06515ae8 2006.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.i586.rpm\n 81b56a020127b1e9c41facb963e670be 2006.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.i586.rpm\n 3a14f0cee1271d5f4cfedc8967a2be45 2006.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.i586.rpm\n 9612ac69d69114d1da1dc1bfa6530d9b 2006.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.i586.rpm\n 9a47da16333b9c1d839e19420ab5c3a5 2006.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.i586.rpm\n ea5b214a43077114d8adaf184ba6ce61 2006.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.i586.rpm\n ebf899b39e850438dd4cfb1bbab9ba8d 2006.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.i586.rpm\n 18522be12bdda788de662d07d5a07e08 2006.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.i586.rpm\n 19a62453c05c0443aa2999a177d50dac 2006.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.i586.rpm\n 352aa6197b0b79025f5a71a3135d95c9 2006.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.i586.rpm\n 64b460d997ff70bf0ff50400c20a98e1 2006.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.i586.rpm\n 1f67f28a68d57baa96523ef05ccd1bbe 2006.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.i586.rpm\n f5b2681e10e6eb68e4fb9041262b65c5 2006.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.i586.rpm\n 8d47794342c430b50dc04f7d4c65cf9d 2006.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.i586.rpm\n d975c5d5ec3c8fed8846f02105ba4795 2006.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.i586.rpm\n 563d01331a992ec6ded54d5118bc10ad 2006.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.i586.rpm\n 4da569e782da6c5b98eab4862c335600 2006.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.i586.rpm\n 4a77a4d9b22704184694a1a0580440f5 2006.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.i586.rpm\n 0a153e8351a1ffdfadf067cdf9b2ee06 2006.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.i586.rpm\n e7ed42daf0c68890a34422d8f5b7dcf6 2006.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.i586.rpm\n 542ce6ba9713683b8a741ab921cd3e45 2006.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.i586.rpm\n 55c8c83ad72d6289bf1d45ea517b74ba 2006.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.i586.rpm\n 591beaf9e8abf8911f023fb147efe765 2006.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.i586.rpm\n 23b9d2502d7cb24aeea82f358a428ec2 2006.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.i586.rpm\n be8acdc18fe55ea8a9d0afc553bf21d3 2006.0/i586/yelp-2.10.0-6.2.20060mdk.i586.rpm \n 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm\n bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm\n b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm\n 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm\n 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm\n 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm\n 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 8f79a25451b9f41d48df89f996869cc7 2006.0/x86_64/devhelp-0.10-7.2.20060mdk.x86_64.rpm\n a9b851ddb7a77ee0f6d73c9a475658e0 2006.0/x86_64/epiphany-1.8.5-4.2.20060mdk.x86_64.rpm\n 606bb2a3ece209a7c260fd81d776c123 2006.0/x86_64/epiphany-devel-1.8.5-4.2.20060mdk.x86_64.rpm\n bb99bf7ed2e5608849cb9b0bcac49041 2006.0/x86_64/epiphany-extensions-1.8.2-3.2.20060mdk.x86_64.rpm\n 6caf5e05026177525d0d04225e5dcc4a 2006.0/x86_64/galeon-2.0.1-1.2.20060mdk.x86_64.rpm\n 2ef32f51f707beff08db88d61aab842d 2006.0/x86_64/lib64devhelp-1_0-0.10-7.2.20060mdk.x86_64.rpm\n 50b6716aa33e6065ce0ba0b107fb3a8c 2006.0/x86_64/lib64devhelp-1_0-devel-0.10-7.2.20060mdk.x86_64.rpm\n 0b3997e3f646af18f684fdce56194ae3 2006.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75e63b4f3785b8c7fa4924d7f30be921 2006.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n cda6b659c2777c44fdde0ac3ab1fb11b 2006.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4f3e6424fa71a629be1b81415fe2b875 2006.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7bd353454999969148524636267b68c5 2006.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/x86_64/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm\n 770e8d6c5643c78f486ae2c115f7c740 2006.0/x86_64/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/x86_64/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm\n 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/x86_64/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 561212c426f35a3e2393ad3acbf11bda 2006.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a4a76ca919cec68bef5ec0521e4185b2 2006.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.x86_64.rpm\n e23f698f02d78a8d8b2ac056e91f106a 2006.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1e815c45fb57ee56bd4d4258a8cda5ad 2006.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1c348254b80cec87c2b804825cdd8a5d 2006.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 6eac0be09030f9ed629107600bcbf88f 2006.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a06b4569f5392501df97fb209315782f 2006.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 98aac82b44a66047d884b95f251cd6c5 2006.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 9479078391f288562b612afff9cb994e 2006.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 247dce39896e7230ffda5ca8bc58d736 2006.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a86cb00b8b07cd45a1274ddc318de2bd 2006.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8ba8f4e4d9fcfef9f3cc4ac71b15c5df 2006.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4c477d0ef8c843b9416185508c9181a1 2006.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 6e9c4c9c6ba8cfefd32e4d135943824d 2006.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.x86_64.rpm\n b8046ef3da338188287fa9a8ebfb9515 2006.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1609e86fa50ef7c5c3ef827bf47090e8 2006.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 5cdf122cafadd7f2125d42246402e29d 2006.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75f82717c62d51d00ba25abcdf3e26a5 2006.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75b03be94bdea20dbbf361a3a295e4c9 2006.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 672f36e40f7c5463b5e771bcaeae31af 2006.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8cf3e2082d406f71c4c7d3f638792e1e 2006.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4f0f77a0b9fd79a671857fd330933289 2006.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.x86_64.rpm\n b5c00962987efb764ea77e76c9734c79 2006.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.x86_64.rpm\n f788aefcdac5b098d8853a3ef4fe146c 2006.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4afff3966656a65b55290d08d446d864 2006.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.x86_64.rpm\n e63e4db3037a915ac24dca78e5ae8617 2006.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7e443e15233a3db5b76ae7c299d1e7d9 2006.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75ca84a45213c2d33d66b68c649dd875 2006.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7a8cd126f5f5c63d45efe79a1e78e94d 2006.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 342155314a7801a1637d807e8ae8754d 2006.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 359e5cb75905f2c08b49ecb1eccdf335 2006.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.x86_64.rpm\n fa480b18d46eaed805f8fe0c92f6a9fe 2006.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 3233bb351b6c89deb25a6722df088e9a 2006.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n f1347555bb50e32c58ac3edba31f3d1a 2006.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n c20fd1c8861e74829879a63075fdf2f4 2006.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8c73daea2686e503d3367d112c4c691e 2006.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 59d920837831e1a165ce19447066b4e5 2006.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 869bea0fbfc6b2c65ab525d80aed03b9 2006.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1b867a3b0b7d8efd86377d0f0dcb67c3 2006.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 12ab7912491456d673058667c8c0dc3a 2006.0/x86_64/yelp-2.10.0-6.2.20060mdk.x86_64.rpm \n 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm\n bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm\n b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm\n 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm\n 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm\n 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm\n 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm\n\n Corporate 3.0:\n c106557de1e045e5840a453d710b63e7 corporate/3.0/i586/libnspr4-1.5.0.7-0.1.C30mdk.i586.rpm\n b5a3de7c01f7a4187f85bc66db242c67 corporate/3.0/i586/libnspr4-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 8d1cfeaf1cb031bc1ec4519994801b6a corporate/3.0/i586/libnspr4-static-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n d08546a25f6e78701feed1d67d53fabd corporate/3.0/i586/libnss3-1.5.0.7-0.1.C30mdk.i586.rpm\n 3371ded40c0bd1a8e828d9e92aed09fd corporate/3.0/i586/libnss3-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 6d635b07ba60ed49fe27d4c633204520 corporate/3.0/i586/mozilla-firefox-1.5.0.7-0.1.C30mdk.i586.rpm\n aa83aaff11daa5889c9d36c928075341 corporate/3.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.i586.rpm\n 059c5de9e7a5f658cfbc692c913b3403 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.i586.rpm\n 63b8a1a7db1568964fe4dc1d32552f52 corporate/3.0/i586/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.i586.rpm\n cf48e548709250792e5a87c12db71cf1 corporate/3.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.i586.rpm\n 90c83713c4fd403c9999cf52c56eb282 corporate/3.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.i586.rpm\n 91279bd7d327c1a3bc0855cb06007f82 corporate/3.0/i586/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.i586.rpm\n 1fec2333c2988cc7cb7238d5bcf1812d corporate/3.0/i586/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.i586.rpm\n debf0c0ddd775793cd87fedcaefc5cf7 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 6e9ec67c3a28bde55146ca1f475cb847 corporate/3.0/i586/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.i586.rpm\n 53c7defd9f6f8168990e4f4d4fa3a495 corporate/3.0/i586/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.i586.rpm\n 5ac67c7e12f4edd0429bc2f085e438e6 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.i586.rpm\n 5d4ac2f2cd3d6aecd52365e54aa85d66 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.i586.rpm\n aad00d0da3781f7165ed63df0276962d corporate/3.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.i586.rpm\n c531c8f33674e476980aa2cf112440bc corporate/3.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.i586.rpm\n 8f33047a9c560757a90831ea415ef814 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.i586.rpm\n ec0a957af4cd462f58c3d846a37d68b4 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.i586.rpm\n 1f8f0a6a7f962c1b1cf9d3dec38af0e2 corporate/3.0/i586/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.i586.rpm\n 354c14637e7df983f16903f46bf81171 corporate/3.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.i586.rpm\n b9fdd2f2db6f74ef240e23ace3a3a0c3 corporate/3.0/i586/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.i586.rpm\n 831a3b7c411cc716527dfe1c97d63de2 corporate/3.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.i586.rpm\n a89843c85143fa62e264f37df634b920 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.i586.rpm\n 382ff5621db369b06e9d76a41a4fa509 corporate/3.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.i586.rpm\n 4181358e7b0b84ff907bd5173be137d2 corporate/3.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.i586.rpm\n 6da617d32c9eb917180eddd62aeabf54 corporate/3.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.i586.rpm\n c0e559c0dc865c97435a918d77d690dd corporate/3.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.i586.rpm\n 05a64d9e97c0ec16b661d93e4c49ba93 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.i586.rpm\n ef2379b44f8e241a7811eee7031e9838 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.i586.rpm\n 08f36ddea8f0b8ad5decc76b6ebf7106 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.i586.rpm\n 9af857fcd8a7e98707ae77fcbd17e25d corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.i586.rpm\n 5b23c90450de3a6ee1b879dafb4e0ebb corporate/3.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.i586.rpm\n 646d7d7ca0374da1d90c77ff827b7a3b corporate/3.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.i586.rpm\n 25746d2ce3a97f620f1c098daef474ed corporate/3.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.i586.rpm\n fb12bfb159f9d9a291e838cb6994daa5 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.i586.rpm\n 962b2b084cde62a28341c177d006b755 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.i586.rpm\n 784906446777df1d03ba5ac75e790104 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.i586.rpm\n 543df7658745731ec6341a1d46901e5e corporate/3.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.i586.rpm\n ef4728e96d4c1dadc4e9286022c6fc1a corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.i586.rpm\n f974e234f39298065b5a120da2aad80f corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.i586.rpm \n da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm\n 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 38e5d39281cf8fe28ae400ef6880ed82 corporate/3.0/x86_64/lib64nspr4-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8594d09e78d9ec76bed9bb5bf9065a9d corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 88ea20792afc414a8511312fc53c9973 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 0749638fca3fc55a0c84b374c8ddce4c corporate/3.0/x86_64/lib64nss3-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3bd450c319eada8936baad026c0e7edc corporate/3.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 86a6c461d4b783867fbf62dba98b76a0 corporate/3.0/x86_64/mozilla-firefox-1.5.0.7-0.1.C30mdk.x86_64.rpm\n fa3bdb060dc9933093cd59604e0e9770 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.x86_64.rpm\n cf50847d5e76e5a9b0cd9c48a156f919 corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 5251818cebcf07fdb025aded5d99f092 corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 1ae9e70895e0bfb45034d2cfa4c937b8 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3585c137dc33769069e8961fa5a7ae7b corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e10f6d78aa54d325f8a38d7f8729f1ac corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 62bd1fd39df7abf0ce81eb9d711f6d14 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e34c011d455b576e4e27b20d4bc057db corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n aebe66911dac80623339aee380ec165a corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3c5f109ae088242966604dce6338f07b corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 17ef425bc7fc131b9de3632fb92317d1 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 15ea134fde2b507f46e6e4faf243135f corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ce6f4aa7a0fb1ac425afc5d915bb392d corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 13b0b693682e7def5e320473342cf4a0 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.x86_64.rpm\n d5fd81f204e46d15b6d1124376ab0930 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.x86_64.rpm\n cb389fc624d1961cf2ab00488bad7cef corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3cd572d77c055bf562c3678c513ff3c8 corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ea7215256650d751ae2ce0d20812fa96 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 57fcf8c6e9f251d3eb4f0096ca55cea3 corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.x86_64.rpm\n d7f6310911b7e049876f7b70c16b8ccc corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8c0b97b440922510631400b5aea900ac corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8045c85ca598518aff6c7ead8f3fbf61 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 996d7bb252cf32b3ddce18a90b4bb8d9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 5a3b346110144f79e05c20d13ac90663 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c56729c0896b11a9e49875fe2b493872 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n da6306fcba9fba87d98f68208e752bf8 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e94eca882ce53af3086bac6cf70076ea corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 810bc3ca66d52d5537ece20a12679fec corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c97bcde75d8118bb3d6c38428b811cc9 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 629ec7999ae3fd23e36e2c6722847bbe corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ad435041d1138f8a38a0a0739cff18d8 corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.x86_64.rpm\n f76501363a31bcd388f5edcc80881196 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e400f4b7e77307c8c5ab1bc26691168a corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 126f45e769e463182b4ade57183684c1 corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 160b09d1c10d0b781d8c1a17779432ed corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c5c363d0552c8365bf5dc6a0936d28b2 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c4baf08469f1dbea8924429a7ec7b86e corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.x86_64.rpm\n b9ce84c78e92b6f5e75954ada2706722 corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.x86_64.rpm \n da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm\n 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm\n\n Corporate 4.0:\n 64a0356cc8f1b1ffcdfdef3d8d146cc5 corporate/4.0/i586/libnspr4-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3f0b705031d1e95280e8194338b2d381 corporate/4.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1bba2e76f21b670f44ba65f8c92b67e1 corporate/4.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n cb10e515e0fad365a81273a9b620cbc7 corporate/4.0/i586/libnss3-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3534b6f0e0b64686aee7b0758ec33daf corporate/4.0/i586/libnss3-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c3aa90658d2adeb4e6543426c493a0fe corporate/4.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 122e2ce3928dd2898118533f45f851e1 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3ade855a9fc71980eec72c8dbc107ae3 corporate/4.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c189b7b4b54f4bdf040635750df007f8 corporate/4.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 360d587d53e2a9c47dfff8a9137f1b4c corporate/4.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c2fa5da5d44a5f70bb49d5b4ba7e86e6 corporate/4.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 5df7bf2ff4059259ed0b5ea9f3587cc3 corporate/4.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 278a321f6ee5928135585f03a05ae642 corporate/4.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.i586.rpm\n cd37b5dfe36b72fb482be5abc4bbbba7 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 9b49e02711849a4babedfa63c6aadefb corporate/4.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.i586.rpm\n d8293192b06e5a91df8314ecba17880e corporate/4.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 5839e97fa06cca289121be5f33e9286d corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 34d184e85b53c369a713c08f66e601dc corporate/4.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ab7b43c629095beee26dbb1381fbff9d corporate/4.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 79cfc37305b6a3977d7c7333c7e883de corporate/4.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 7e8f28d446d6e574d8a1521059c03144 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0d2dd482cc76fb0df96c0bc5f4fa5844 corporate/4.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 58959b3a1d43cc2a666361804daa88f1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ded59cf4be8835dc0ada86add049ed86 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8afd66b33e600714238e360a127df36e corporate/4.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ef6a89b44e3b120f1bae29217728f196 corporate/4.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1532d01d8123e87ee1103292ed95f68d corporate/4.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8c0667ab59c15a9b66097f5e86df7220 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.i586.rpm\n bcec75d2b059d123d6c21dae29baee00 corporate/4.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n f5afdfd15e40f4ec6323a8cac098cb78 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1544a7236d6a10521f89234feaff9435 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 53834f537b0eacd3bb59a2ccc6a40ea6 corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 70171f6ba3c24b51ec29be154e129bce corporate/4.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 4e64eee4ed44068cb9db5c77730c71b8 corporate/4.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.i586.rpm\n d990c04de7c285225c51067ff92d8a58 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 04ee85bd5b28b12466bcd8189d4ae480 corporate/4.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 222528603f2d88e4e46178620328ac7e corporate/4.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.i586.rpm\n caacac0ace4c80fbf0d917ea95070114 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n e4aabb47eacf2bcbb517e6890935d4e9 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n e55300aa65e586aba56e5b75c3d0f0d7 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8d857f4d255e86e4b1db933ab75a88b5 corporate/4.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0d4998a9483e67ad0a484d8535950401 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0677248472dd1f219ac4c633b3ae8427 corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 025ee723e8a157de742313163d8199e6 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.i586.rpm \n 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm\n d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n e9362e7e9d164dcf20ac2dd178057783 corporate/4.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 27152d5c4d45cfe65038b90014f4b128 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a520a8169e6f7fa9636c7434820263cc corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 73fa1146e61ddf2baea07f4e51b247a2 corporate/4.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 77c656121a9efaefb5bf8bea7416a190 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 1353fe3c1c7740891cca051691f2a844 corporate/4.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 6e547a34386d9220269f6971df84459b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 37bd5e53ce8bd1196991a1d48c7d3fc2 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n d8efb7b371fa3bc9d7dbda4d82bcea69 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a4eb36d0ed16b308bf8146758468f720 corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 1f3f6299c228a51c39dd9036d501baf3 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b7ed3aee73652f317d41612746b7f79e corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n aa5e7732031b216f6cc4552b7e5bfe22 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b99863ae0bc816222fec7afd596b4b38 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 22b5ef994c3f38b7b5a63808f0ef9c47 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a5033ebf881cab82e063df8ffe29e22b corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 387dfb400ed59319e932a19e2dd4fe09 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 2a114b7e832d12fad87f2ad76ed89a7d corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n eced7a780c5f758eef5a0f71f43ed261 corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 854bc6729675ed8670330f3da1e520b2 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b73ac49803411c5afb96d87cde8a89c9 corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n ca9a93da5b7f4dfc1eca188267891a66 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 267f8dc1ca9e04115050a311eebd00f1 corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 516850fa1de5417fdb96ab50fee1504f corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n ec13f241ff41c46590e31fd8339ffae7 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 00eddff4c17ce23c148cbb2bfd27bc59 corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 896cc9b5af7e66ddbf67ad819083a9aa corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 52a752441fc870f33e792860ec328ecd corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b418b4371503ed9502ca7eab01c6d86e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 801a63774bfd94ac7e292b97bc1c88a6 corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 4998a34e227bcd0de4c64a08198cda13 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 0f809660f4c1e45133fc01003acee854 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n da3f053868769c3d1705158b925a3312 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b53c13931bdcebb9dec07ccb7512cc0d corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 431f220901edaf32f504ee6dfd7d8262 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 45d21d5351be8762640ae3038458c6b8 corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 3bb59b3ca297d90181276683db70ceb7 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n cce30e727a3dba740a537ec0040248f2 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 7221b6655d4061eb29ed5150f87b3706 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n dd7c39076b8bb01d1b4432ba9cb29f12 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n cacf45d88765c0c26d7256e5f392c2df corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 703558369cbe9e4920eab509134d3a7e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 817fd873fb5f997916d61b2cf078d2c3 corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n fe95060a37a586f98f5c3683131a9ef2 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.x86_64.rpm \n 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm\n d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
}
],
"trust": 4.68
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4340",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "22083",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0293",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0083",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3622",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3617",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1198",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22055",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22342",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22247",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22210",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21903",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22001",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22992",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22074",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22025",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22088",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22299",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22056",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22422",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23883",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22274",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22195",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22849",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21916",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016858",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016859",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016860",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-312A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22679",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#191336",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "BID",
"id": "19849",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "50749",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50366",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52156",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50727",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50269",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"id": "VAR-200609-1553",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-29T22:17:30.763000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.5,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 1.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 1.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22088"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30098"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21949"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016860"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22001"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22025"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-352-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-350-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22342"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016859"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22849"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11007"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22274"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-312a.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1210"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21915"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-351-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0677.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22195"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22056"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:169"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1198"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22074"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21916"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-01.xml"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-361-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22247"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23883"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22055"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016858"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22422"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1192"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22210"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22992"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-640"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0675.html"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-354-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21903"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0293"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1191"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0676.html"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3622"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3617"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22299"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21950"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:168"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/22679/"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://standards.ieee.org/announcements/pr_frames.html"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4568"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4566"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4565"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4340"
},
{
"trust": 0.3,
"url": "http://security.debian.org/"
},
{
"trust": 0.3,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4571"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2788"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4340"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4570"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-64.html"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-57.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4565"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4566"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4571"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4253"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4567"
},
{
"trust": 0.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-58.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-63.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4570"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-06.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-61.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4569"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-62.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4568"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "50366"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "50727"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-10-09T04:16:16",
"db": "PACKETSTORM",
"id": "50749"
},
{
"date": "2006-11-03T00:05:01",
"db": "PACKETSTORM",
"id": "51595"
},
{
"date": "2006-10-02T23:40:01",
"db": "PACKETSTORM",
"id": "50366"
},
{
"date": "2006-11-16T15:41:20",
"db": "PACKETSTORM",
"id": "52156"
},
{
"date": "2006-10-09T03:08:57",
"db": "PACKETSTORM",
"id": "50727"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51167"
},
{
"date": "2006-09-26T19:59:02",
"db": "PACKETSTORM",
"id": "50269"
},
{
"date": "2006-09-15T18:07:00",
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2024-11-21T00:15:43.160000",
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
var-201004-0995
Vulnerability from variot
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. On recent versions of Windows, only users with administrative privileges can successfully perform an attack. Multiple VMware products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges; this may aid in other attacks. This issue only affects Windows host operating systems. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
-
Relevant releases
VMware Workstation 7.0, VMware Workstation 6.5.3 and earlier, VMware Player 3.0, VMware Player 2.5.3 and earlier, VMware ACE 2.6, VMware ACE 2.5.3 and earlier, VMware Server 2.0.2 and earlier, VMware Fusion 3.0, VMware Fusion 2.0.6 and earlier, VMware VIX API for Windows 1.6.x,
VMware ESXi 4.0 before patch ESXi400-201002402-BG
VMware ESXi 3.5 before patch ESXe350-200912401-T-BG
VMware ESX 4.0 without patches ESX400-201002401-BG, ESX400-200911223-UG
VMware ESX 3.5 without patch ESX350-200912401-BG
VMware ESX 3.0.3 without patch ESX303-201002203-UG
VMware ESX 2.5.5 without Upgrade Patch 15.
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any not affected
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x any 2.5.4 build 246459 or later
ACE 2.6.x Windows not affected
ACE 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any 2.0.2 build 203138 or later
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.6 build 246742 or later
ESXi 4.0 ESXi ESXi400-201002402-BG
ESXi 3.5 ESXi ESXe350-200912401-T-BG or later
ESX 4.0 ESX ESX400-201002401-BG
ESX 3.5 ESX ESX350-200912401-BG
ESX 3.0.3 ESX ESX303-201002203-UG
ESX 2.5.5 ESX Upgrade Patch 15
b. Windows-based VMware Tools Arbitrary Code Execution vulnerability
A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x any 2.5.4 build 246459 or later
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion any any Mac OS/X not affected
ESXi any ESXi not applicable
ESX any ESX not applicable
e. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.x Linux not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x Windows not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any any not affected
ESX any any not affected
h. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
i. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Workaround
There is no known workaround at this time. We recommend that users unmerge VMware Server:
# emerge --unmerge "app-emulation/vmware-server"
References
[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: VMware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA39206
VERIFY ADVISORY: http://secunia.com/advisories/39206/
DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system. Windows XP and Windows Vista).
3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.
For more information: SA35346
4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.
For more information: SA36712
5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.
For more information: SA39203
7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.
For more information: SA39201
SOLUTION: Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research
The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner
ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/
OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/
SA36712: http://secunia.com/advisories/36712/
SA36988: http://secunia.com/advisories/36988/
SA39198: http://secunia.com/advisories/39198/
SA39201: http://secunia.com/advisories/39201/
SA39203: http://secunia.com/advisories/39203/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0995",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "workstation",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "player",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "7.0.1227600"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "3.0.1227600"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"db": "BID",
"id": "39397"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1140",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2010-1140",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "46beda78-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1140",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-1140",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-159",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-1140",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. On recent versions of Windows, only users with administrative privileges can successfully perform an attack. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to execute arbitrary code with elevated privileges; this may aid in other attacks. This issue only affects Windows host operating systems. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. Relevant releases\n\n VMware Workstation 7.0,\n VMware Workstation 6.5.3 and earlier,\n VMware Player 3.0,\n VMware Player 2.5.3 and earlier,\n VMware ACE 2.6,\n VMware ACE 2.5.3 and earlier,\n VMware Server 2.0.2 and earlier,\n VMware Fusion 3.0,\n VMware Fusion 2.0.6 and earlier,\n VMware VIX API for Windows 1.6.x,\n\n VMware ESXi 4.0 before patch ESXi400-201002402-BG\n\n VMware ESXi 3.5 before patch ESXe350-200912401-T-BG\n\n VMware ESX 4.0 without patches ESX400-201002401-BG,\n ESX400-200911223-UG\n\n VMware ESX 3.5 without patch ESX350-200912401-BG\n\n VMware ESX 3.0.3 without patch ESX303-201002203-UG\n\n VMware ESX 2.5.5 without Upgrade Patch 15. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to lure the user that is logged on a Windows Guest\n Operating System to click on the attacker\u0027s file on a network\n share. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any not affected\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x any 2.5.4 build 246459 or later\n\n ACE 2.6.x Windows not affected\n ACE 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any 2.0.2 build 203138 or later\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.6 build 246742 or later\n\n ESXi 4.0 ESXi ESXi400-201002402-BG\n ESXi 3.5 ESXi ESXe350-200912401-T-BG or later\n\n ESX 4.0 ESX ESX400-201002401-BG\n ESX 3.5 ESX ESX350-200912401-BG\n ESX 3.0.3 ESX ESX303-201002203-UG\n ESX 2.5.5 ESX Upgrade Patch 15\n\n b. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n A vulnerability in the way VMware executables are loaded allows for\n arbitrary code execution in the context of the logged on user. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not applicable\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x any 2.5.4 build 246459 or later\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion any any Mac OS/X not affected\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n e. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n Vulnerabilities in the decoder allow for execution of arbitrary\n code with the privileges of the user running an application\n utilizing the vulnerable codec. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.x Linux not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x Windows not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any any not affected\n\n ESX any any not affected\n\n h. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n i. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/vmware-player\n \u003c= 2.5.5.328052 Vulnerable!\n 2 app-emulation/vmware-workstation\n \u003c= 6.5.5.328052 Vulnerable!\n 3 app-emulation/vmware-server\n \u003c= 1.0.9.156507 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 2 ] CVE-2007-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[ 3 ] CVE-2007-5671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[ 4 ] CVE-2008-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[ 5 ] CVE-2008-1340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[ 6 ] CVE-2008-1361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[ 7 ] CVE-2008-1362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[ 8 ] CVE-2008-1363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[ 9 ] CVE-2008-1364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39203\n\n7) A format string error in \"vmrun\" can be exploited to potentially\ngain escalated privileges. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1140"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"db": "BID",
"id": "39397"
},
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1140",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 3.2
},
{
"db": "BID",
"id": "39397",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1023834",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0570",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7CDDCF-463F-11E9-98F5-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46BEDA78-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88233",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"db": "BID",
"id": "39397"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"id": "VAR-201004-0995",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
}
]
},
"last_update_date": "2024-11-23T19:44:20.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: VMWare product USB service local privilege escalation patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/153"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39397"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.1,
"url": "http://securitytracker.com/id?1023834"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1140"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2010/apr/1023834.html"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36988/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36712/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39201/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39203/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35346/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"db": "BID",
"id": "39397"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"db": "BID",
"id": "39397"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39397"
},
{
"date": "2010-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012"
},
{
"date": "2010-04-12T12:34:14",
"db": "PACKETSTORM",
"id": "88233"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"date": "2010-04-12T18:30:00.633000",
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0570"
},
{
"date": "2013-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1140"
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39397"
},
{
"date": "2010-07-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001684"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-159"
},
{
"date": "2024-11-21T01:13:44.227000",
"db": "NVD",
"id": "CVE-2010-1140"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "39397"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMWare product USB Service Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7cddcf-463f-11e9-98f5-000c29342cb1"
},
{
"db": "IVD",
"id": "46beda78-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0570"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-159"
}
],
"trust": 0.6
}
}
var-200609-1205
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172 http://www.mandriva.com/security/
Package : openssl Date : September 28, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-2937",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : September 28, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "56053"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.30152614
},
"last_update_date": "2024-06-28T19:31:36.322000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/tlsa-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0695j.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/tlsa-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200609-0828
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937)
Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0828",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. (CVE-2006-2937)\n\n Certain types of public key can take disproportionate amounts of time\n to process. This could be used by an attacker in a denial of service\n attack. (CVE-2006-2940)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n buffer overflow in the SSL_get_shared_ciphers utility function, used by\n some applications such as exim and mysql. An attacker could send a\n list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n possible DoS in the sslv2 client code. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 4.5
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-0828",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-10-11T21:30:56.306000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0175
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
}
],
"trust": 4.95
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.7
},
{
"db": "BID",
"id": "22083",
"trust": 3.4
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-19T21:42:07.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.7,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
var-200609-1273
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- .
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1273",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "50543"
}
],
"trust": 5.85
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.9
},
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200609-1273",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2024-11-24T21:25:30.817000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2024-11-21T00:15:43.487000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
var-200708-0612
Vulnerability from variot
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. Apache HTTP Server of mod_proxy The module includes modules/proxy/proxy_util.c When an invalid data header is processed in the service, the read operation is executed beyond the buffer area, resulting in an interruption in service operation. (DoS) There is a vulnerability that becomes a condition.When processing a specially crafted data header by a third party, the proxy server cache processing crashes and disrupts service operation (DoS) It may be in a state. The Apache mod_proxy module is prone to a denial-of-service vulnerability. A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). =========================================================== Ubuntu Security Notice USN-575-1 February 04, 2008 apache2 vulnerabilities CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-mpm-perchild 2.0.55-4ubuntu2.3 apache2-mpm-prefork 2.0.55-4ubuntu2.3 apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10: apache2-mpm-perchild 2.0.55-4ubuntu4.2 apache2-mpm-prefork 2.0.55-4ubuntu4.2 apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04: apache2-mpm-event 2.2.3-3.2ubuntu2.1 apache2-mpm-perchild 2.2.3-3.2ubuntu2.1 apache2-mpm-prefork 2.2.3-3.2ubuntu2.1 apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.1 apache2-mpm-perchild 2.2.4-3ubuntu0.1 apache2-mpm-prefork 2.2.4-3ubuntu0.1 apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. (CVE-2006-3918)
It was discovered that when configured as a proxy server and using a threaded MPM, Apache did not properly sanitize its input. By default, mod_proxy is disabled in Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available, allowed for cross-site scripting attacks. By default, mod_status is disabled in Ubuntu. (CVE-2007-6388)
It was discovered that mod_proxy_balancer did not sanitize its input, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to dereference a NULL pointer. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01182588 Version: 1
HPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-10 Last Updated: 2007-10-10
Potential Security Impact: Remote Unauthorized Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
References: CVE-2007-3847, CVE-2007-3304
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00
BACKGROUND
To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended action has been taken.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01 hpuxwsAPACHE,revision=B.2.0.59.00
action: install revision B.2.0.59.00.0 or subsequent restart Apache URL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability.
OS Release Depot name MD5 Sum
B.11.11 (IPv4) HPUXWSA-B218-01-1111ipv4.depot eb3bb933baac0f05e1e0809ef1e84eb2
B.11.11 (IPv6) HPUXWSA-B218-01-1111ipv6.depot 540a56b155699336bcbfac0eaf87e3ce
B.11.23 PA-32 HPUXWSA-B218-01-1123-32.depot 2900a0cbea01b6905dc768680fbd5381
B.11.23 IA-64 HPUXWSA-B218-01-1123-64.depot 3be084d96e8a509692e37c71c0184014
B.11.31 PA-32 HPUXWSA-B218-01-1131-32.depot 861122eef70f1b53d68c5adafc64cdb5
B.11.31 IA-64 HPUXWSA-B218-01-1131-64.depot 8dc57222257fe27fb5994da16e91f9a4
The updates are available from: ftp://ssrt1476:ssrt1476@hprc.external.hp.com/ ftp://ssrt1476:ssrt1476@192.170.19.100/
MANUAL ACTIONS: Yes - Update Install Apache 2.0.59.00.0 or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 10 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux
TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy 7CP41v96ckMOtfU4yeG76pv2 =VMzd -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2009-0010 Synopsis: VMware Hosted products update libpng and Apache HTTP Server Issue date: 2009-08-20 Updated on: 2009-08-20 (initial release of advisory) CVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863 CVE-2006-5752 CVE-2007-3304 CVE-2007-6388 CVE-2007-5000 CVE-2008-0005
- Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. Likewise, a similar crash could occur on sites with a forward proxy configured if a user could be persuaded to visit a malicious site using the proxy (CVE-2007-3847). On sites where directory listings are used and the AddDefaultCharset directive was removed from the configuration, a cross-site-scripting attack could be possible against browsers that to not correctly derive the response character set according to the rules in RGC 2616 (CVE-2007-4465).
The updated packages have been patched to correct this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Updated Packages:
Mandriva Linux 2007.0: 9bb73822e8ae92ba87aa8baa21d467d1 2007.0/i586/apache-base-2.2.3-1.2mdv2007.0.i586.rpm 1949631d7fc0f87c91ba5dd9e738e036 2007.0/i586/apache-devel-2.2.3-1.2mdv2007.0.i586.rpm 3fed692d7b2eefe64bdd5f557fb0d838 2007.0/i586/apache-htcacheclean-2.2.3-1.2mdv2007.0.i586.rpm 86b32442b40c9e8ee9ba4bc1def61157 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.i586.rpm a6ca98077bee65a270a7777f6a3f3b60 2007.0/i586/apache-mod_cache-2.2.3-1.2mdv2007.0.i586.rpm 3bf50ab09740de6e718dc38e5320a3f7 2007.0/i586/apache-mod_dav-2.2.3-1.2mdv2007.0.i586.rpm 11e3dde4beab554a1523261979852fee 2007.0/i586/apache-mod_dbd-2.2.3-1.2mdv2007.0.i586.rpm 993926a12a2b5192059961a8bcbf4e2c 2007.0/i586/apache-mod_deflate-2.2.3-1.2mdv2007.0.i586.rpm 8553d309d0b537732375fbf0ab6c3187 2007.0/i586/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.i586.rpm 83a1fce76091ea660989b5b310d545ab 2007.0/i586/apache-mod_file_cache-2.2.3-1.2mdv2007.0.i586.rpm c7799b98922ee0e2f5bd114a3b2f3816 2007.0/i586/apache-mod_ldap-2.2.3-1.2mdv2007.0.i586.rpm b3e79d78c26282b39322910be91cd410 2007.0/i586/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.i586.rpm 6c72e3c58cb10447304328c2f863651a 2007.0/i586/apache-mod_proxy-2.2.3-1.2mdv2007.0.i586.rpm a6d09de71a6b7bf7bb1cafc187777be7 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.i586.rpm 05eee18af88226fb76766a9b88d843a8 2007.0/i586/apache-mod_ssl-2.2.3-1.2mdv2007.0.i586.rpm c499609426acef2255940cab04a28b5c 2007.0/i586/apache-mod_userdir-2.2.3-1.2mdv2007.0.i586.rpm bcd0563b948d8958de5a8da12e5ecd85 2007.0/i586/apache-modules-2.2.3-1.2mdv2007.0.i586.rpm 5c4777a2db7fd28b233d1bcc1d570a70 2007.0/i586/apache-mpm-prefork-2.2.3-1.2mdv2007.0.i586.rpm fa38945281388cfd4d37d2f98187a0b0 2007.0/i586/apache-mpm-worker-2.2.3-1.2mdv2007.0.i586.rpm 30e14fac38a58a8ab4bf59a6ecb59f9a 2007.0/i586/apache-source-2.2.3-1.2mdv2007.0.i586.rpm 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 3301ff7aa05c7cb14eecfc82d1d7fe33 2007.0/x86_64/apache-base-2.2.3-1.2mdv2007.0.x86_64.rpm f0f6cc2cc841959558ab0222d975a9cc 2007.0/x86_64/apache-devel-2.2.3-1.2mdv2007.0.x86_64.rpm 7bf4dbf62cd08717fc3704798d0c839d 2007.0/x86_64/apache-htcacheclean-2.2.3-1.2mdv2007.0.x86_64.rpm ecb3772fac317f54303d1d67c2b1c7a2 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm c6cb91541e0f7a24b337da09ee7eb248 2007.0/x86_64/apache-mod_cache-2.2.3-1.2mdv2007.0.x86_64.rpm f39c5879ff62c5d8dcc41ae73d1ca0cd 2007.0/x86_64/apache-mod_dav-2.2.3-1.2mdv2007.0.x86_64.rpm 562dc2a4e6246fa7dde9986af40ec847 2007.0/x86_64/apache-mod_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm 7be58654d28b2fc0207c3e44370cd118 2007.0/x86_64/apache-mod_deflate-2.2.3-1.2mdv2007.0.x86_64.rpm 6e4314853613d0d9fdd048c8ee96a510 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.x86_64.rpm 5fd5dc78b84bb5579291d27f626cb660 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.2mdv2007.0.x86_64.rpm d5eecb080611220807820106c24b1e22 2007.0/x86_64/apache-mod_ldap-2.2.3-1.2mdv2007.0.x86_64.rpm bed61f6dcb6311d99fb97225a0b48849 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.x86_64.rpm f0d3bb15ba884824380ef1cf0bd129b8 2007.0/x86_64/apache-mod_proxy-2.2.3-1.2mdv2007.0.x86_64.rpm 8f8969581110089a51cf506b8566315e 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.x86_64.rpm 1a40d73c8fbbae8868f09ef947407dad 2007.0/x86_64/apache-mod_ssl-2.2.3-1.2mdv2007.0.x86_64.rpm 0cd432c837a9ba4795bda96b1d3cc98c 2007.0/x86_64/apache-mod_userdir-2.2.3-1.2mdv2007.0.x86_64.rpm f05d88bc8f9c163ca787c30e7bd84e52 2007.0/x86_64/apache-modules-2.2.3-1.2mdv2007.0.x86_64.rpm f5431063918c470fa1ccd6e23db4c70d 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.2mdv2007.0.x86_64.rpm 0db10b3a236c2f59a93eb2bc6ee6c35d 2007.0/x86_64/apache-mpm-worker-2.2.3-1.2mdv2007.0.x86_64.rpm 71f52e6e3afba9d1d923cc64291eb98f 2007.0/x86_64/apache-source-2.2.3-1.2mdv2007.0.x86_64.rpm 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.1: e443a21ce0b058aede2aaf82d12d22f7 2007.1/i586/apache-base-2.2.4-6.3mdv2007.1.i586.rpm 6d17234fb69995d52c012bb22f52bab3 2007.1/i586/apache-devel-2.2.4-6.3mdv2007.1.i586.rpm 6a44621592a2320b6d0e9549eceea6a9 2007.1/i586/apache-htcacheclean-2.2.4-6.3mdv2007.1.i586.rpm d0405211b42d562933cd2f802a4276bc 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.i586.rpm 3fd09fafa06eb4e08ad975f9972f28f8 2007.1/i586/apache-mod_cache-2.2.4-6.3mdv2007.1.i586.rpm d61498465662a9c4a7f77f2dcc9438a7 2007.1/i586/apache-mod_dav-2.2.4-6.3mdv2007.1.i586.rpm fbb6c3ccfd793a8f2b9889ed399d5aad 2007.1/i586/apache-mod_dbd-2.2.4-6.3mdv2007.1.i586.rpm 0e67be9eaacb5f8686acdd95d26b8b47 2007.1/i586/apache-mod_deflate-2.2.4-6.3mdv2007.1.i586.rpm f1a050f23e3bc518b8aecd3c6cd5fd91 2007.1/i586/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.i586.rpm d95079c4a7627fe47d529dbe99549023 2007.1/i586/apache-mod_file_cache-2.2.4-6.3mdv2007.1.i586.rpm b24dcaec7dc26c107ff0962d46c7b3a1 2007.1/i586/apache-mod_ldap-2.2.4-6.3mdv2007.1.i586.rpm 98e97b3bd11ca7939aef2bae47c2c497 2007.1/i586/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.i586.rpm bffefef1346635e79f04d0ae56169ab1 2007.1/i586/apache-mod_proxy-2.2.4-6.3mdv2007.1.i586.rpm 0c5881d9e76e9ae20470a954200465ae 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.i586.rpm 21f665113f11b4b88330b887254023f8 2007.1/i586/apache-mod_ssl-2.2.4-6.3mdv2007.1.i586.rpm 192801a60a254a58b57e2f1377ce42c4 2007.1/i586/apache-mod_userdir-2.2.4-6.3mdv2007.1.i586.rpm 51fc25858a4ee79d2fd2cfe460c90708 2007.1/i586/apache-modules-2.2.4-6.3mdv2007.1.i586.rpm d6256083a3df248847340d3c14ecb9ff 2007.1/i586/apache-mpm-event-2.2.4-6.3mdv2007.1.i586.rpm 1359ad128d2d7a24d9211cf7f0276e15 2007.1/i586/apache-mpm-itk-2.2.4-6.3mdv2007.1.i586.rpm d65ac7009e90022455c79debf48cdbdb 2007.1/i586/apache-mpm-prefork-2.2.4-6.3mdv2007.1.i586.rpm f1d8883b5e633cbb6e3832e7b3c4a4cb 2007.1/i586/apache-mpm-worker-2.2.4-6.3mdv2007.1.i586.rpm 947251a0ac81cb912bc4c900bb80e6e7 2007.1/i586/apache-source-2.2.4-6.3mdv2007.1.i586.rpm 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 444c86d0a5711e30534400781c0cbcf1 2007.1/x86_64/apache-base-2.2.4-6.3mdv2007.1.x86_64.rpm 02514acbf20766b1486389ce4d3e1ed0 2007.1/x86_64/apache-devel-2.2.4-6.3mdv2007.1.x86_64.rpm f6f4126d5a414d7ca686395173aaa3b4 2007.1/x86_64/apache-htcacheclean-2.2.4-6.3mdv2007.1.x86_64.rpm 1a45be10e44347c913d6493a0d3ad25f 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm 5e6df108e6fb0083ffe96810f41bc9ea 2007.1/x86_64/apache-mod_cache-2.2.4-6.3mdv2007.1.x86_64.rpm 31877eb202cbc9cf0869a3d7bc51b47a 2007.1/x86_64/apache-mod_dav-2.2.4-6.3mdv2007.1.x86_64.rpm 33a4ce4f105fbed60b2cdfc73fd524c6 2007.1/x86_64/apache-mod_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm e093528141ed7cd178ae27743ed4ea69 2007.1/x86_64/apache-mod_deflate-2.2.4-6.3mdv2007.1.x86_64.rpm 697a3930734d4570db3aeadc0aac2032 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.x86_64.rpm c8a20e21d7b07363c8efc8b23078a5e8 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.3mdv2007.1.x86_64.rpm d42e4f3cc5ca6ac006d3e4bb7a750273 2007.1/x86_64/apache-mod_ldap-2.2.4-6.3mdv2007.1.x86_64.rpm e8fc195d18dbb431257dd816bdfa7845 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.x86_64.rpm ce7184cd8abf4aa7c98d47a64133c19f 2007.1/x86_64/apache-mod_proxy-2.2.4-6.3mdv2007.1.x86_64.rpm 98957b99a54cb32d6ba055d5f059b7ec 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.x86_64.rpm 17b824837cf63210790e6201154cb94a 2007.1/x86_64/apache-mod_ssl-2.2.4-6.3mdv2007.1.x86_64.rpm 5a2d9f93603eebdde04f8967a07b063d 2007.1/x86_64/apache-mod_userdir-2.2.4-6.3mdv2007.1.x86_64.rpm 44f0ad99c93ae8905a2d32b799dc1520 2007.1/x86_64/apache-modules-2.2.4-6.3mdv2007.1.x86_64.rpm c5c469771e2f25683ddba3f694e28968 2007.1/x86_64/apache-mpm-event-2.2.4-6.3mdv2007.1.x86_64.rpm b691f2e760bdd30c797e46269842a437 2007.1/x86_64/apache-mpm-itk-2.2.4-6.3mdv2007.1.x86_64.rpm fa3551d06a7af5a31a040f90dd215a1d 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.3mdv2007.1.x86_64.rpm 8d2a09ba2b175cd36bbc0dc6dc4c18ea 2007.1/x86_64/apache-mpm-worker-2.2.4-6.3mdv2007.1.x86_64.rpm 7037cb86ca137f40364749a0933b432c 2007.1/x86_64/apache-source-2.2.4-6.3mdv2007.1.x86_64.rpm 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm
Corporate 3.0: 5bbdb8ac0d8133c1b09d373cbe35f5ea corporate/3.0/i586/apache2-2.0.48-6.15.C30mdk.i586.rpm e14dfcec88913b5245d683502ff684d1 corporate/3.0/i586/apache2-common-2.0.48-6.15.C30mdk.i586.rpm 642b4136b2e2915db59801888b41d1e6 corporate/3.0/i586/apache2-devel-2.0.48-6.15.C30mdk.i586.rpm c8824d8aa09e4917f9b35b1c659b5181 corporate/3.0/i586/apache2-manual-2.0.48-6.15.C30mdk.i586.rpm 09af9e7945caec7163a12be1a14302ee corporate/3.0/i586/apache2-mod_cache-2.0.48-6.15.C30mdk.i586.rpm 374a782a9211ee321f31a4e716d6bb97 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.15.C30mdk.i586.rpm 88a31c94bc077aa0a91f000b839d4b69 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.15.C30mdk.i586.rpm 8e55a5d1949805b0a6a4f84d571ab4ff corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.i586.rpm 16b573b8a914ab130ac660cce8bddfdb corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.15.C30mdk.i586.rpm 68fdee10fc216a354849a6fc5d89e7cf corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.15.C30mdk.i586.rpm 9e75fe104df971a7a707efb0d6735288 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.i586.rpm 006f66a419a5f81085bc6fd74e4c1235 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.15.C30mdk.i586.rpm f0910407a4042202cec58ebdb74127d3 corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.15.C30mdk.i586.rpm 43578ffa09c88aa636c6df329cebe81a corporate/3.0/i586/apache2-modules-2.0.48-6.15.C30mdk.i586.rpm c5c8b21b0bbc8e57f81baa317ccba3f3 corporate/3.0/i586/apache2-source-2.0.48-6.15.C30mdk.i586.rpm f38fcbb77b956304d63d36ad7b003b05 corporate/3.0/i586/libapr0-2.0.48-6.15.C30mdk.i586.rpm aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm
Corporate 3.0/X86_64: 52f3a65b7c0e82d517e66d4b176aa33e corporate/3.0/x86_64/apache2-2.0.48-6.15.C30mdk.x86_64.rpm b54119aca1142e9e9a848cbc18f2a5d0 corporate/3.0/x86_64/apache2-common-2.0.48-6.15.C30mdk.x86_64.rpm e5ac1fdacf86a8214105cc13d3c439aa corporate/3.0/x86_64/apache2-devel-2.0.48-6.15.C30mdk.x86_64.rpm 1bc73ab39962a806585f1c669b8c1f7e corporate/3.0/x86_64/apache2-manual-2.0.48-6.15.C30mdk.x86_64.rpm 87af39a3721856a710383cd51815fbaf corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.15.C30mdk.x86_64.rpm c03c3c1774c1baafaf44a4bb17ca74c6 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.15.C30mdk.x86_64.rpm 0ef802c1187c979d48db6ae4672fb21b corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.15.C30mdk.x86_64.rpm c7d6772332baffc85fd1472e018f5546 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.x86_64.rpm 45965308167632623ff93de397d4041d corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.15.C30mdk.x86_64.rpm 17e2a48cc23d7983351706745c7cd553 corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.15.C30mdk.x86_64.rpm 5b047d484852dd9a2000028d8dcfb7e6 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.x86_64.rpm a5f32074ec310263bc03648b81d44173 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.15.C30mdk.x86_64.rpm 79c4a90fa0ab3bfa8dbe9b12daeff4cd corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.15.C30mdk.x86_64.rpm 15af8e5591d5ff99f5c157a0c01d4174 corporate/3.0/x86_64/apache2-modules-2.0.48-6.15.C30mdk.x86_64.rpm 462316c74fff690d2e98116ddf614d54 corporate/3.0/x86_64/apache2-source-2.0.48-6.15.C30mdk.x86_64.rpm 20553b85bf243e5986af1a3551549ed8 corporate/3.0/x86_64/lib64apr0-2.0.48-6.15.C30mdk.x86_64.rpm aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm
Corporate 4.0: 7d50fe1ac32dec6c4d57dd850950bdb1 corporate/4.0/i586/apache-base-2.2.3-1.2.20060mlcs4.i586.rpm 775785cf1a22f45a64d800fdfcc4a8bc corporate/4.0/i586/apache-devel-2.2.3-1.2.20060mlcs4.i586.rpm 79b64bb1793933f1c8b83e7eee2d4cfa corporate/4.0/i586/apache-htcacheclean-2.2.3-1.2.20060mlcs4.i586.rpm eac03081a34897376d542b7032dd03c2 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.i586.rpm 2c223bb1645aadfba8e6d1d6a2c8756c corporate/4.0/i586/apache-mod_cache-2.2.3-1.2.20060mlcs4.i586.rpm e4c4c07473f9644fc146e2f4d9ce95c8 corporate/4.0/i586/apache-mod_dav-2.2.3-1.2.20060mlcs4.i586.rpm 13f85bc068b14e497873c6028520580a corporate/4.0/i586/apache-mod_dbd-2.2.3-1.2.20060mlcs4.i586.rpm aaa52a86e4a6d3e5322fa140edc5535a corporate/4.0/i586/apache-mod_deflate-2.2.3-1.2.20060mlcs4.i586.rpm 574e07826a89f78883f2cfb3ca224e8c corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.i586.rpm 451efb60480fd0680b6c4f955c46ccf4 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.i586.rpm 73fa350b85ea63a5b3f69d8d387474aa corporate/4.0/i586/apache-mod_ldap-2.2.3-1.2.20060mlcs4.i586.rpm d2364f995210cdbbe324df10d49bef98 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.i586.rpm 145b17e675a42bed7b3a8c5ee883cf45 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.2.20060mlcs4.i586.rpm 92b82835be476736295c15954f2a9eb6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.i586.rpm 0dd6c7df0e3ea475b6b2d50ef4aa5ac0 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.2.20060mlcs4.i586.rpm d579208689ec9a72a599bf3510bdf942 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.2.20060mlcs4.i586.rpm 6fd43dfcfc649c8bcd4692ba9ebeee07 corporate/4.0/i586/apache-modules-2.2.3-1.2.20060mlcs4.i586.rpm 9fbf1dde58f17e3f0f29a8c3f1e1b6b6 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.i586.rpm 72f26a52381b68a8bbc6e2fcc9c0ac8c corporate/4.0/i586/apache-mpm-worker-2.2.3-1.2.20060mlcs4.i586.rpm 99a935e7047a27043159b6555d3444c7 corporate/4.0/i586/apache-source-2.2.3-1.2.20060mlcs4.i586.rpm 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 35a789ac173ed3cc0dda52270a194bad corporate/4.0/x86_64/apache-base-2.2.3-1.2.20060mlcs4.x86_64.rpm e9df753a94dfb136780651ac743e50eb corporate/4.0/x86_64/apache-devel-2.2.3-1.2.20060mlcs4.x86_64.rpm 3964c83541baaf5af0ccc828282a1954 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.2.20060mlcs4.x86_64.rpm 554ea610010d5f361bcc87d75d8d0f6f corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm 051c20e0f062d50a01c51ebad7dcb96d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm 59a05bd258ba6b4729238885d2fc0273 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.2.20060mlcs4.x86_64.rpm ceb391b54796f3ea763b81c5085da16c corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm 307726e1c4dfcca90093c19e3d17f504 corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.2.20060mlcs4.x86_64.rpm 1500f6520843c6604192e4a621d5b9f1 corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm e0ac5eb68e21253d33928fa28f0acb25 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm 21c68fdaf26b13ed2177bf458979df1e corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.2.20060mlcs4.x86_64.rpm 28ef0171caf2d11cca8fe4f0bf2473db corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm 019893e83acbfb730f79a8eb364ea042 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.2.20060mlcs4.x86_64.rpm 202b1fc0dd2d9364530abbbb13f799b0 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.x86_64.rpm 5cd3084106482b3f01b41cd716c702b8 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.2.20060mlcs4.x86_64.rpm 6a18ec0935144ead6f037f41e852a892 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.2.20060mlcs4.x86_64.rpm 622bb60b53fb48aef1b5a7fc94be3298 corporate/4.0/x86_64/apache-modules-2.2.3-1.2.20060mlcs4.x86_64.rpm f573d1aef5f29f14f8764fce5ea31a1d corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.x86_64.rpm 842d5d6ef1c73fcb0b41b9ff18a75960 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.2.20060mlcs4.x86_64.rpm 1cae994b8a6fb2d2aa9a803d7bb3178d corporate/4.0/x86_64/apache-source-2.2.3-1.2.20060mlcs4.x86_64.rpm 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 463f2a0de557bfcf7ae0655e5381b22f mnf/2.0/i586/apache2-2.0.48-6.16.M20mdk.i586.rpm 56117551a5480c85920263bcefb32c09 mnf/2.0/i586/apache2-common-2.0.48-6.16.M20mdk.i586.rpm c7496b0bb82f802cd8d17819ee1308bc mnf/2.0/i586/apache2-devel-2.0.48-6.16.M20mdk.i586.rpm 6be15ca61d9a7cc4cc4c7e4e55c4ffd1 mnf/2.0/i586/apache2-manual-2.0.48-6.16.M20mdk.i586.rpm 766a15298990769f14e5ad00745b9c7f mnf/2.0/i586/apache2-mod_cache-2.0.48-6.16.M20mdk.i586.rpm 21d7b83f3e1b80874c5c007c6659c470 mnf/2.0/i586/apache2-mod_dav-2.0.48-6.16.M20mdk.i586.rpm 417055a9758a47db50fcd7ec0a7d4047 mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.16.M20mdk.i586.rpm 90d4aa462e8edf12c52216fa4eeac6a1 mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.16.M20mdk.i586.rpm fbeb5bc02ada67198541cb4e1c2b1b27 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.16.M20mdk.i586.rpm 0f2e617217d9f418182ca89bab9703f0 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.16.M20mdk.i586.rpm 50e9dc2b73be1f0f3a45ca7da1adbcbf mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.16.M20mdk.i586.rpm 8352541a45d2c76ab840ca6f4b070ffb mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.16.M20mdk.i586.rpm 5744f88c6e59f26418f1f3f531f30734 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.16.M20mdk.i586.rpm 874dc6a00a02630401f7efeadc93935e mnf/2.0/i586/apache2-modules-2.0.48-6.16.M20mdk.i586.rpm efbd0f5ac6f292474d29f83d36bf86eb mnf/2.0/i586/apache2-source-2.0.48-6.16.M20mdk.i586.rpm 15bd1fcd65bd487b6fd5bba0a8ec530d mnf/2.0/i586/libapr0-2.0.48-6.16.M20mdk.i586.rpm 0e6b7bac08407b02457479763d27e885 mnf/2.0/SRPMS/apache2-2.0.48-6.16.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHVGk3mqjQ0CJFipgRAi2wAKCPuJzkUkyI8lcVRJ3Vu6IbvxMFrQCg3Qxf w5lEeF1m8B+hT513FJVA1po= =c4oi -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200708-0612",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "fedora core",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "6"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.10"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition version 4"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise edition"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard edition"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard version 6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard edition version 4"
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard version 6"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"model": "http server",
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.3.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v20"
},
{
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "hat fedora core7",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "hat fedora core6",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.11"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"model": "software foundation apache 2.2.6-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache 2.0.61-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "25489"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor disclosed this vulnerability.",
"sources": [
{
"db": "BID",
"id": "25489"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
}
],
"trust": 0.9
},
"cve": "CVE-2007-3847",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-3847",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3847",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3847",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200708-391",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-3847",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. Apache HTTP Server of mod_proxy The module includes modules/proxy/proxy_util.c When an invalid data header is processed in the service, the read operation is executed beyond the buffer area, resulting in an interruption in service operation. (DoS) There is a vulnerability that becomes a condition.When processing a specially crafted data header by a third party, the proxy server cache processing crashes and disrupts service operation (DoS) It may be in a state. The Apache mod_proxy module is prone to a denial-of-service vulnerability. \nA remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). =========================================================== \nUbuntu Security Notice USN-575-1 February 04, 2008\napache2 vulnerabilities\nCVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,\nCVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-mpm-perchild 2.0.55-4ubuntu2.3\n apache2-mpm-prefork 2.0.55-4ubuntu2.3\n apache2-mpm-worker 2.0.55-4ubuntu2.3\n\nUbuntu 6.10:\n apache2-mpm-perchild 2.0.55-4ubuntu4.2\n apache2-mpm-prefork 2.0.55-4ubuntu4.2\n apache2-mpm-worker 2.0.55-4ubuntu4.2\n\nUbuntu 7.04:\n apache2-mpm-event 2.2.3-3.2ubuntu2.1\n apache2-mpm-perchild 2.2.3-3.2ubuntu2.1\n apache2-mpm-prefork 2.2.3-3.2ubuntu2.1\n apache2-mpm-worker 2.2.3-3.2ubuntu2.1\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.1\n apache2-mpm-perchild 2.2.4-3ubuntu0.1\n apache2-mpm-prefork 2.2.4-3ubuntu0.1\n apache2-mpm-worker 2.2.4-3ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Apache did not sanitize the Expect header from\nan HTTP request when it is reflected back in an error message, which\ncould result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing server output\nduring a crafted server request, a remote attacker could exploit this\nto modify the contents, or steal confidential data (such as passwords),\nwithin the same domain. This was only vulnerable in Ubuntu 6.06. \n(CVE-2006-3918)\n\nIt was discovered that when configured as a proxy server and using a\nthreaded MPM, Apache did not properly sanitize its input. By default, mod_proxy is disabled in\nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a\ncharacter set, which could result in browsers becoming vulnerable\nto cross-site scripting attacks when processing the output. By\ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available,\nallowed for cross-site scripting attacks. By default, mod_status is\ndisabled in Ubuntu. (CVE-2007-6388)\n\nIt was discovered that mod_proxy_balancer did not sanitize its input,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to\ndereference a NULL pointer. By\ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only\nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz\n Size/MD5: 121305 10359a467847b63f8d6603081450fece\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc\n Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb\n Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 171402 3b7567107864cf36953e7911a4851738\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 172186 85a591ea061cbc727fc261b046781502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 94240 b80027348754c493312269f7410b38fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 285664 76f4879738a0a788414316581ac2010b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 144250 3cd8327429958569a306257da57e8be0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 786052 7bdddb451607eeb2abb9706641675397\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 215932 bee4a6e00371117203647fd3a311658a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 219800 aaf4968deba24912e4981f35a367a086\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 93282 1ae6def788c74750d79055784c0d8006\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 267832 96c149638daeb993250b18c9f4285abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz\n Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc\n Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb\n Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 145340 109c93408c5197be50960cce80c23b7c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209552 8a23207211e54b138d5a87c15c097908\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 171636 07616e459905bad152a8669c8f670436\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 222022 e37ef7d710800e568d838242d3129725\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 208354 0a571678c269d1da06787dac56567f1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212052 90754ccdcd95e652413426376078d223\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz\n Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc\n Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 971426 30db1106dfea5106da54d2287c02a380\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 403974 65a11cfaee921517445cf74ed04df701\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434308 2073137bb138dc52bbace666714f4e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 343774 880faca3543426734431c29de77c3048\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz\n Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc\n Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 278032 4f8270cff0a532bd059741b366047da9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 435354 f3557e1a87154424e9144cf672110e93\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8\n\n. An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01182588\nVersion: 1\n\nHPSBUX02273 SSRT071476 rev. 1 - HP-UX running Apache, Remote Unauthorized Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-10\nLast Updated: 2007-10-10\n\nPotential Security Impact: Remote Unauthorized Denial of Service (DoS) \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX Apache version 2.0.59. The vulnerability could be exploited remotely to create a Denial of Service (DoS). \n\nReferences: CVE-2007-3847, CVE-2007-3304\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache 2.0.59.00\n\nBACKGROUND\n\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended action has been taken. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \nhpuxwsAPACHE,revision=B.2.0.59.00 \n\naction: install revision B.2.0.59.00.0 or subsequent \nrestart Apache \nURL: ftp://ssrt1476:ssrt1476@hprc.external.hp.com \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \n\nOS Release \n Depot name \n MD5 Sum \n \nB.11.11 (IPv4)\n HPUXWSA-B218-01-1111ipv4.depot\n eb3bb933baac0f05e1e0809ef1e84eb2\n \nB.11.11 (IPv6) \n HPUXWSA-B218-01-1111ipv6.depot\n 540a56b155699336bcbfac0eaf87e3ce\n \nB.11.23 PA-32\n HPUXWSA-B218-01-1123-32.depot\n 2900a0cbea01b6905dc768680fbd5381\n \nB.11.23 IA-64\n HPUXWSA-B218-01-1123-64.depot\n 3be084d96e8a509692e37c71c0184014\n \nB.11.31 PA-32\n HPUXWSA-B218-01-1131-32.depot\n 861122eef70f1b53d68c5adafc64cdb5\n \nB.11.31 IA-64\n HPUXWSA-B218-01-1131-64.depot\n 8dc57222257fe27fb5994da16e91f9a4\n \n\nThe updates are available from: \nftp://ssrt1476:ssrt1476@hprc.external.hp.com/ \nftp://ssrt1476:ssrt1476@192.170.19.100/ \n\nMANUAL ACTIONS: Yes - Update \nInstall Apache 2.0.59.00.0 or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 10 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n -verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS \nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\n\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRw4UMuAfOvwtKn1ZEQLDowCgnVZZuBkuV66atvv6mh6sxARqYYkAmQEy\n7CP41v96ckMOtfU4yeG76pv2\n=VMzd\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2009-0010\nSynopsis: VMware Hosted products update libpng and Apache HTTP\n Server\nIssue date: 2009-08-20\nUpdated on: 2009-08-20 (initial release of advisory)\nCVE numbers: CVE-2009-0040 CVE-2007-3847 CVE-2007-1863\n CVE-2006-5752 CVE-2007-3304 CVE-2007-6388\n CVE-2007-5000 CVE-2008-0005\n- ------------------------------------------------------------------------\n\n1. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. Likewise, a similar crash\n could occur on sites with a forward proxy configured if a user could\n be persuaded to visit a malicious site using the proxy (CVE-2007-3847). On sites where\n directory listings are used and the AddDefaultCharset directive was\n removed from the configuration, a cross-site-scripting attack could\n be possible against browsers that to not correctly derive the response\n character set according to the rules in RGC 2616 (CVE-2007-4465). \n \n The updated packages have been patched to correct this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 9bb73822e8ae92ba87aa8baa21d467d1 2007.0/i586/apache-base-2.2.3-1.2mdv2007.0.i586.rpm\n 1949631d7fc0f87c91ba5dd9e738e036 2007.0/i586/apache-devel-2.2.3-1.2mdv2007.0.i586.rpm\n 3fed692d7b2eefe64bdd5f557fb0d838 2007.0/i586/apache-htcacheclean-2.2.3-1.2mdv2007.0.i586.rpm\n 86b32442b40c9e8ee9ba4bc1def61157 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.i586.rpm\n a6ca98077bee65a270a7777f6a3f3b60 2007.0/i586/apache-mod_cache-2.2.3-1.2mdv2007.0.i586.rpm\n 3bf50ab09740de6e718dc38e5320a3f7 2007.0/i586/apache-mod_dav-2.2.3-1.2mdv2007.0.i586.rpm\n 11e3dde4beab554a1523261979852fee 2007.0/i586/apache-mod_dbd-2.2.3-1.2mdv2007.0.i586.rpm\n 993926a12a2b5192059961a8bcbf4e2c 2007.0/i586/apache-mod_deflate-2.2.3-1.2mdv2007.0.i586.rpm\n 8553d309d0b537732375fbf0ab6c3187 2007.0/i586/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.i586.rpm\n 83a1fce76091ea660989b5b310d545ab 2007.0/i586/apache-mod_file_cache-2.2.3-1.2mdv2007.0.i586.rpm\n c7799b98922ee0e2f5bd114a3b2f3816 2007.0/i586/apache-mod_ldap-2.2.3-1.2mdv2007.0.i586.rpm\n b3e79d78c26282b39322910be91cd410 2007.0/i586/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.i586.rpm\n 6c72e3c58cb10447304328c2f863651a 2007.0/i586/apache-mod_proxy-2.2.3-1.2mdv2007.0.i586.rpm\n a6d09de71a6b7bf7bb1cafc187777be7 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.i586.rpm\n 05eee18af88226fb76766a9b88d843a8 2007.0/i586/apache-mod_ssl-2.2.3-1.2mdv2007.0.i586.rpm\n c499609426acef2255940cab04a28b5c 2007.0/i586/apache-mod_userdir-2.2.3-1.2mdv2007.0.i586.rpm\n bcd0563b948d8958de5a8da12e5ecd85 2007.0/i586/apache-modules-2.2.3-1.2mdv2007.0.i586.rpm\n 5c4777a2db7fd28b233d1bcc1d570a70 2007.0/i586/apache-mpm-prefork-2.2.3-1.2mdv2007.0.i586.rpm\n fa38945281388cfd4d37d2f98187a0b0 2007.0/i586/apache-mpm-worker-2.2.3-1.2mdv2007.0.i586.rpm\n 30e14fac38a58a8ab4bf59a6ecb59f9a 2007.0/i586/apache-source-2.2.3-1.2mdv2007.0.i586.rpm \n 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 3301ff7aa05c7cb14eecfc82d1d7fe33 2007.0/x86_64/apache-base-2.2.3-1.2mdv2007.0.x86_64.rpm\n f0f6cc2cc841959558ab0222d975a9cc 2007.0/x86_64/apache-devel-2.2.3-1.2mdv2007.0.x86_64.rpm\n 7bf4dbf62cd08717fc3704798d0c839d 2007.0/x86_64/apache-htcacheclean-2.2.3-1.2mdv2007.0.x86_64.rpm\n ecb3772fac317f54303d1d67c2b1c7a2 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm\n c6cb91541e0f7a24b337da09ee7eb248 2007.0/x86_64/apache-mod_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n f39c5879ff62c5d8dcc41ae73d1ca0cd 2007.0/x86_64/apache-mod_dav-2.2.3-1.2mdv2007.0.x86_64.rpm\n 562dc2a4e6246fa7dde9986af40ec847 2007.0/x86_64/apache-mod_dbd-2.2.3-1.2mdv2007.0.x86_64.rpm\n 7be58654d28b2fc0207c3e44370cd118 2007.0/x86_64/apache-mod_deflate-2.2.3-1.2mdv2007.0.x86_64.rpm\n 6e4314853613d0d9fdd048c8ee96a510 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n 5fd5dc78b84bb5579291d27f626cb660 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n d5eecb080611220807820106c24b1e22 2007.0/x86_64/apache-mod_ldap-2.2.3-1.2mdv2007.0.x86_64.rpm\n bed61f6dcb6311d99fb97225a0b48849 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.2mdv2007.0.x86_64.rpm\n f0d3bb15ba884824380ef1cf0bd129b8 2007.0/x86_64/apache-mod_proxy-2.2.3-1.2mdv2007.0.x86_64.rpm\n 8f8969581110089a51cf506b8566315e 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2mdv2007.0.x86_64.rpm\n 1a40d73c8fbbae8868f09ef947407dad 2007.0/x86_64/apache-mod_ssl-2.2.3-1.2mdv2007.0.x86_64.rpm\n 0cd432c837a9ba4795bda96b1d3cc98c 2007.0/x86_64/apache-mod_userdir-2.2.3-1.2mdv2007.0.x86_64.rpm\n f05d88bc8f9c163ca787c30e7bd84e52 2007.0/x86_64/apache-modules-2.2.3-1.2mdv2007.0.x86_64.rpm\n f5431063918c470fa1ccd6e23db4c70d 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.2mdv2007.0.x86_64.rpm\n 0db10b3a236c2f59a93eb2bc6ee6c35d 2007.0/x86_64/apache-mpm-worker-2.2.3-1.2mdv2007.0.x86_64.rpm\n 71f52e6e3afba9d1d923cc64291eb98f 2007.0/x86_64/apache-source-2.2.3-1.2mdv2007.0.x86_64.rpm \n 9bf612bc66eff80fe93f34151959eede 2007.0/SRPMS/apache-2.2.3-1.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n e443a21ce0b058aede2aaf82d12d22f7 2007.1/i586/apache-base-2.2.4-6.3mdv2007.1.i586.rpm\n 6d17234fb69995d52c012bb22f52bab3 2007.1/i586/apache-devel-2.2.4-6.3mdv2007.1.i586.rpm\n 6a44621592a2320b6d0e9549eceea6a9 2007.1/i586/apache-htcacheclean-2.2.4-6.3mdv2007.1.i586.rpm\n d0405211b42d562933cd2f802a4276bc 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.i586.rpm\n 3fd09fafa06eb4e08ad975f9972f28f8 2007.1/i586/apache-mod_cache-2.2.4-6.3mdv2007.1.i586.rpm\n d61498465662a9c4a7f77f2dcc9438a7 2007.1/i586/apache-mod_dav-2.2.4-6.3mdv2007.1.i586.rpm\n fbb6c3ccfd793a8f2b9889ed399d5aad 2007.1/i586/apache-mod_dbd-2.2.4-6.3mdv2007.1.i586.rpm\n 0e67be9eaacb5f8686acdd95d26b8b47 2007.1/i586/apache-mod_deflate-2.2.4-6.3mdv2007.1.i586.rpm\n f1a050f23e3bc518b8aecd3c6cd5fd91 2007.1/i586/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.i586.rpm\n d95079c4a7627fe47d529dbe99549023 2007.1/i586/apache-mod_file_cache-2.2.4-6.3mdv2007.1.i586.rpm\n b24dcaec7dc26c107ff0962d46c7b3a1 2007.1/i586/apache-mod_ldap-2.2.4-6.3mdv2007.1.i586.rpm\n 98e97b3bd11ca7939aef2bae47c2c497 2007.1/i586/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.i586.rpm\n bffefef1346635e79f04d0ae56169ab1 2007.1/i586/apache-mod_proxy-2.2.4-6.3mdv2007.1.i586.rpm\n 0c5881d9e76e9ae20470a954200465ae 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.i586.rpm\n 21f665113f11b4b88330b887254023f8 2007.1/i586/apache-mod_ssl-2.2.4-6.3mdv2007.1.i586.rpm\n 192801a60a254a58b57e2f1377ce42c4 2007.1/i586/apache-mod_userdir-2.2.4-6.3mdv2007.1.i586.rpm\n 51fc25858a4ee79d2fd2cfe460c90708 2007.1/i586/apache-modules-2.2.4-6.3mdv2007.1.i586.rpm\n d6256083a3df248847340d3c14ecb9ff 2007.1/i586/apache-mpm-event-2.2.4-6.3mdv2007.1.i586.rpm\n 1359ad128d2d7a24d9211cf7f0276e15 2007.1/i586/apache-mpm-itk-2.2.4-6.3mdv2007.1.i586.rpm\n d65ac7009e90022455c79debf48cdbdb 2007.1/i586/apache-mpm-prefork-2.2.4-6.3mdv2007.1.i586.rpm\n f1d8883b5e633cbb6e3832e7b3c4a4cb 2007.1/i586/apache-mpm-worker-2.2.4-6.3mdv2007.1.i586.rpm\n 947251a0ac81cb912bc4c900bb80e6e7 2007.1/i586/apache-source-2.2.4-6.3mdv2007.1.i586.rpm \n 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 444c86d0a5711e30534400781c0cbcf1 2007.1/x86_64/apache-base-2.2.4-6.3mdv2007.1.x86_64.rpm\n 02514acbf20766b1486389ce4d3e1ed0 2007.1/x86_64/apache-devel-2.2.4-6.3mdv2007.1.x86_64.rpm\n f6f4126d5a414d7ca686395173aaa3b4 2007.1/x86_64/apache-htcacheclean-2.2.4-6.3mdv2007.1.x86_64.rpm\n 1a45be10e44347c913d6493a0d3ad25f 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm\n 5e6df108e6fb0083ffe96810f41bc9ea 2007.1/x86_64/apache-mod_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n 31877eb202cbc9cf0869a3d7bc51b47a 2007.1/x86_64/apache-mod_dav-2.2.4-6.3mdv2007.1.x86_64.rpm\n 33a4ce4f105fbed60b2cdfc73fd524c6 2007.1/x86_64/apache-mod_dbd-2.2.4-6.3mdv2007.1.x86_64.rpm\n e093528141ed7cd178ae27743ed4ea69 2007.1/x86_64/apache-mod_deflate-2.2.4-6.3mdv2007.1.x86_64.rpm\n 697a3930734d4570db3aeadc0aac2032 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n c8a20e21d7b07363c8efc8b23078a5e8 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n d42e4f3cc5ca6ac006d3e4bb7a750273 2007.1/x86_64/apache-mod_ldap-2.2.4-6.3mdv2007.1.x86_64.rpm\n e8fc195d18dbb431257dd816bdfa7845 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.3mdv2007.1.x86_64.rpm\n ce7184cd8abf4aa7c98d47a64133c19f 2007.1/x86_64/apache-mod_proxy-2.2.4-6.3mdv2007.1.x86_64.rpm\n 98957b99a54cb32d6ba055d5f059b7ec 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.3mdv2007.1.x86_64.rpm\n 17b824837cf63210790e6201154cb94a 2007.1/x86_64/apache-mod_ssl-2.2.4-6.3mdv2007.1.x86_64.rpm\n 5a2d9f93603eebdde04f8967a07b063d 2007.1/x86_64/apache-mod_userdir-2.2.4-6.3mdv2007.1.x86_64.rpm\n 44f0ad99c93ae8905a2d32b799dc1520 2007.1/x86_64/apache-modules-2.2.4-6.3mdv2007.1.x86_64.rpm\n c5c469771e2f25683ddba3f694e28968 2007.1/x86_64/apache-mpm-event-2.2.4-6.3mdv2007.1.x86_64.rpm\n b691f2e760bdd30c797e46269842a437 2007.1/x86_64/apache-mpm-itk-2.2.4-6.3mdv2007.1.x86_64.rpm\n fa3551d06a7af5a31a040f90dd215a1d 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.3mdv2007.1.x86_64.rpm\n 8d2a09ba2b175cd36bbc0dc6dc4c18ea 2007.1/x86_64/apache-mpm-worker-2.2.4-6.3mdv2007.1.x86_64.rpm\n 7037cb86ca137f40364749a0933b432c 2007.1/x86_64/apache-source-2.2.4-6.3mdv2007.1.x86_64.rpm \n 299d821f2388c0b4eb49992472225564 2007.1/SRPMS/apache-2.2.4-6.3mdv2007.1.src.rpm\n\n Corporate 3.0:\n 5bbdb8ac0d8133c1b09d373cbe35f5ea corporate/3.0/i586/apache2-2.0.48-6.15.C30mdk.i586.rpm\n e14dfcec88913b5245d683502ff684d1 corporate/3.0/i586/apache2-common-2.0.48-6.15.C30mdk.i586.rpm\n 642b4136b2e2915db59801888b41d1e6 corporate/3.0/i586/apache2-devel-2.0.48-6.15.C30mdk.i586.rpm\n c8824d8aa09e4917f9b35b1c659b5181 corporate/3.0/i586/apache2-manual-2.0.48-6.15.C30mdk.i586.rpm\n 09af9e7945caec7163a12be1a14302ee corporate/3.0/i586/apache2-mod_cache-2.0.48-6.15.C30mdk.i586.rpm\n 374a782a9211ee321f31a4e716d6bb97 corporate/3.0/i586/apache2-mod_dav-2.0.48-6.15.C30mdk.i586.rpm\n 88a31c94bc077aa0a91f000b839d4b69 corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.15.C30mdk.i586.rpm\n 8e55a5d1949805b0a6a4f84d571ab4ff corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.i586.rpm\n 16b573b8a914ab130ac660cce8bddfdb corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.15.C30mdk.i586.rpm\n 68fdee10fc216a354849a6fc5d89e7cf corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.15.C30mdk.i586.rpm\n 9e75fe104df971a7a707efb0d6735288 corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.i586.rpm\n 006f66a419a5f81085bc6fd74e4c1235 corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.15.C30mdk.i586.rpm\n f0910407a4042202cec58ebdb74127d3 corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.15.C30mdk.i586.rpm\n 43578ffa09c88aa636c6df329cebe81a corporate/3.0/i586/apache2-modules-2.0.48-6.15.C30mdk.i586.rpm\n c5c8b21b0bbc8e57f81baa317ccba3f3 corporate/3.0/i586/apache2-source-2.0.48-6.15.C30mdk.i586.rpm\n f38fcbb77b956304d63d36ad7b003b05 corporate/3.0/i586/libapr0-2.0.48-6.15.C30mdk.i586.rpm \n aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52f3a65b7c0e82d517e66d4b176aa33e corporate/3.0/x86_64/apache2-2.0.48-6.15.C30mdk.x86_64.rpm\n b54119aca1142e9e9a848cbc18f2a5d0 corporate/3.0/x86_64/apache2-common-2.0.48-6.15.C30mdk.x86_64.rpm\n e5ac1fdacf86a8214105cc13d3c439aa corporate/3.0/x86_64/apache2-devel-2.0.48-6.15.C30mdk.x86_64.rpm\n 1bc73ab39962a806585f1c669b8c1f7e corporate/3.0/x86_64/apache2-manual-2.0.48-6.15.C30mdk.x86_64.rpm\n 87af39a3721856a710383cd51815fbaf corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n c03c3c1774c1baafaf44a4bb17ca74c6 corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.15.C30mdk.x86_64.rpm\n 0ef802c1187c979d48db6ae4672fb21b corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.15.C30mdk.x86_64.rpm\n c7d6772332baffc85fd1472e018f5546 corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n 45965308167632623ff93de397d4041d corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n 17e2a48cc23d7983351706745c7cd553 corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.15.C30mdk.x86_64.rpm\n 5b047d484852dd9a2000028d8dcfb7e6 corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.15.C30mdk.x86_64.rpm\n a5f32074ec310263bc03648b81d44173 corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.15.C30mdk.x86_64.rpm\n 79c4a90fa0ab3bfa8dbe9b12daeff4cd corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.15.C30mdk.x86_64.rpm\n 15af8e5591d5ff99f5c157a0c01d4174 corporate/3.0/x86_64/apache2-modules-2.0.48-6.15.C30mdk.x86_64.rpm\n 462316c74fff690d2e98116ddf614d54 corporate/3.0/x86_64/apache2-source-2.0.48-6.15.C30mdk.x86_64.rpm\n 20553b85bf243e5986af1a3551549ed8 corporate/3.0/x86_64/lib64apr0-2.0.48-6.15.C30mdk.x86_64.rpm \n aab66cf8d305132c45dfa6b8b5fced4d corporate/3.0/SRPMS/apache2-2.0.48-6.15.C30mdk.src.rpm\n\n Corporate 4.0:\n 7d50fe1ac32dec6c4d57dd850950bdb1 corporate/4.0/i586/apache-base-2.2.3-1.2.20060mlcs4.i586.rpm\n 775785cf1a22f45a64d800fdfcc4a8bc corporate/4.0/i586/apache-devel-2.2.3-1.2.20060mlcs4.i586.rpm\n 79b64bb1793933f1c8b83e7eee2d4cfa corporate/4.0/i586/apache-htcacheclean-2.2.3-1.2.20060mlcs4.i586.rpm\n eac03081a34897376d542b7032dd03c2 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.i586.rpm\n 2c223bb1645aadfba8e6d1d6a2c8756c corporate/4.0/i586/apache-mod_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n e4c4c07473f9644fc146e2f4d9ce95c8 corporate/4.0/i586/apache-mod_dav-2.2.3-1.2.20060mlcs4.i586.rpm\n 13f85bc068b14e497873c6028520580a corporate/4.0/i586/apache-mod_dbd-2.2.3-1.2.20060mlcs4.i586.rpm\n aaa52a86e4a6d3e5322fa140edc5535a corporate/4.0/i586/apache-mod_deflate-2.2.3-1.2.20060mlcs4.i586.rpm\n 574e07826a89f78883f2cfb3ca224e8c corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n 451efb60480fd0680b6c4f955c46ccf4 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n 73fa350b85ea63a5b3f69d8d387474aa corporate/4.0/i586/apache-mod_ldap-2.2.3-1.2.20060mlcs4.i586.rpm\n d2364f995210cdbbe324df10d49bef98 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.i586.rpm\n 145b17e675a42bed7b3a8c5ee883cf45 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.2.20060mlcs4.i586.rpm\n 92b82835be476736295c15954f2a9eb6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.i586.rpm\n 0dd6c7df0e3ea475b6b2d50ef4aa5ac0 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.2.20060mlcs4.i586.rpm\n d579208689ec9a72a599bf3510bdf942 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.2.20060mlcs4.i586.rpm\n 6fd43dfcfc649c8bcd4692ba9ebeee07 corporate/4.0/i586/apache-modules-2.2.3-1.2.20060mlcs4.i586.rpm\n 9fbf1dde58f17e3f0f29a8c3f1e1b6b6 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.i586.rpm\n 72f26a52381b68a8bbc6e2fcc9c0ac8c corporate/4.0/i586/apache-mpm-worker-2.2.3-1.2.20060mlcs4.i586.rpm\n 99a935e7047a27043159b6555d3444c7 corporate/4.0/i586/apache-source-2.2.3-1.2.20060mlcs4.i586.rpm \n 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 35a789ac173ed3cc0dda52270a194bad corporate/4.0/x86_64/apache-base-2.2.3-1.2.20060mlcs4.x86_64.rpm\n e9df753a94dfb136780651ac743e50eb corporate/4.0/x86_64/apache-devel-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 3964c83541baaf5af0ccc828282a1954 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 554ea610010d5f361bcc87d75d8d0f6f corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 051c20e0f062d50a01c51ebad7dcb96d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 59a05bd258ba6b4729238885d2fc0273 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.2.20060mlcs4.x86_64.rpm\n ceb391b54796f3ea763b81c5085da16c corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 307726e1c4dfcca90093c19e3d17f504 corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 1500f6520843c6604192e4a621d5b9f1 corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n e0ac5eb68e21253d33928fa28f0acb25 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 21c68fdaf26b13ed2177bf458979df1e corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 28ef0171caf2d11cca8fe4f0bf2473db corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 019893e83acbfb730f79a8eb364ea042 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 202b1fc0dd2d9364530abbbb13f799b0 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 5cd3084106482b3f01b41cd716c702b8 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 6a18ec0935144ead6f037f41e852a892 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 622bb60b53fb48aef1b5a7fc94be3298 corporate/4.0/x86_64/apache-modules-2.2.3-1.2.20060mlcs4.x86_64.rpm\n f573d1aef5f29f14f8764fce5ea31a1d corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 842d5d6ef1c73fcb0b41b9ff18a75960 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.2.20060mlcs4.x86_64.rpm\n 1cae994b8a6fb2d2aa9a803d7bb3178d corporate/4.0/x86_64/apache-source-2.2.3-1.2.20060mlcs4.x86_64.rpm \n 07d86b59ebeb3596997f6c3a64242d45 corporate/4.0/SRPMS/apache-2.2.3-1.2.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 463f2a0de557bfcf7ae0655e5381b22f mnf/2.0/i586/apache2-2.0.48-6.16.M20mdk.i586.rpm\n 56117551a5480c85920263bcefb32c09 mnf/2.0/i586/apache2-common-2.0.48-6.16.M20mdk.i586.rpm\n c7496b0bb82f802cd8d17819ee1308bc mnf/2.0/i586/apache2-devel-2.0.48-6.16.M20mdk.i586.rpm\n 6be15ca61d9a7cc4cc4c7e4e55c4ffd1 mnf/2.0/i586/apache2-manual-2.0.48-6.16.M20mdk.i586.rpm\n 766a15298990769f14e5ad00745b9c7f mnf/2.0/i586/apache2-mod_cache-2.0.48-6.16.M20mdk.i586.rpm\n 21d7b83f3e1b80874c5c007c6659c470 mnf/2.0/i586/apache2-mod_dav-2.0.48-6.16.M20mdk.i586.rpm\n 417055a9758a47db50fcd7ec0a7d4047 mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.16.M20mdk.i586.rpm\n 90d4aa462e8edf12c52216fa4eeac6a1 mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.16.M20mdk.i586.rpm\n fbeb5bc02ada67198541cb4e1c2b1b27 mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.16.M20mdk.i586.rpm\n 0f2e617217d9f418182ca89bab9703f0 mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.16.M20mdk.i586.rpm\n 50e9dc2b73be1f0f3a45ca7da1adbcbf mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.16.M20mdk.i586.rpm\n 8352541a45d2c76ab840ca6f4b070ffb mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.16.M20mdk.i586.rpm\n 5744f88c6e59f26418f1f3f531f30734 mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.16.M20mdk.i586.rpm\n 874dc6a00a02630401f7efeadc93935e mnf/2.0/i586/apache2-modules-2.0.48-6.16.M20mdk.i586.rpm\n efbd0f5ac6f292474d29f83d36bf86eb mnf/2.0/i586/apache2-source-2.0.48-6.16.M20mdk.i586.rpm\n 15bd1fcd65bd487b6fd5bba0a8ec530d mnf/2.0/i586/libapr0-2.0.48-6.16.M20mdk.i586.rpm \n 0e6b7bac08407b02457479763d27e885 mnf/2.0/SRPMS/apache2-2.0.48-6.16.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHVGk3mqjQ0CJFipgRAi2wAKCPuJzkUkyI8lcVRJ3Vu6IbvxMFrQCg3Qxf\nw5lEeF1m8B+hT513FJVA1po=\n=c4oi\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3847"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3847",
"trust": 3.3
},
{
"db": "BID",
"id": "25489",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "26636",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-3955",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3095",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3020",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3494",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27593",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26790",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27971",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27209",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26952",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27882",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26722",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018633",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-150A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-3847",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61459",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"id": "VAR-200708-0612",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2024-11-29T20:16:52.518000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1249"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897?viewlocale=ja_JP"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1249?viewlocale=ja_JP"
},
{
"title": "httpd-2.2.3-11.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=71"
},
{
"title": "HS07-039",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-039_e/index-e.html"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01182588"
},
{
"title": "HPSBUX02273",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02273.html"
},
{
"title": "PK55141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK55141"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "PK50469",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK50469"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "httpd (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1190"
},
{
"title": "httpd (V3.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1224"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2007:0746",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0746.html"
},
{
"title": "RHSA-2007:0747",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0747.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0005.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "HS07-039",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security/vuls/HS07-039/index.html"
},
{
"title": "RHSA-2007:0746",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0746J.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0005J.html"
},
{
"title": "RHSA-2007:0747",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0747J.html"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2007-3847: apache2 denial of service vulnerability (for threaded MPMs) in mod_proxy",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=0e9801bee76cc4795aeabe2ccbf7d7f4"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2007-3847 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/25489"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=apache-cvs\u0026m=118592992309395\u0026w=2"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-500.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk50469"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1710"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-september/msg00353.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:235"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0911.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0746.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0747.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018633"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26636"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26722"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26790"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26952"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27209"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27593"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27882"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27971"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg27007951"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3494"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3020"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3955"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3095"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01182588"
},
{
"trust": 1.7,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10525"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=118595556504202\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=apache-httpd-dev\u0026m=118595953217856\u0026w=2"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/3020"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-150a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-150a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3847"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/26636/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-150a.html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2007:0746"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2007:0747"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev\u0026m=118595556504202\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.info/?l=apache-"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2007-3847"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0602"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2008:0005"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=250731"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2007:0911"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs."
},
{
"trust": 0.6,
"url": "httpd-dev\u0026m=118595953217856\u0026w=2"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg24017334"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg27010985#new"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=180\u0026uid=swg27004980#ver61"
},
{
"trust": 0.3,
"url": "/archive/1/482486"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0746.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0747.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0911.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"db": "BID",
"id": "25489"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "60039"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-08-23T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"date": "2007-08-30T00:00:00",
"db": "BID",
"id": "25489"
},
{
"date": "2007-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"date": "2008-02-05T00:41:56",
"db": "PACKETSTORM",
"id": "63262"
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759"
},
{
"date": "2007-10-12T04:41:53",
"db": "PACKETSTORM",
"id": "60039"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2007-12-04T05:30:30",
"db": "PACKETSTORM",
"id": "61459"
},
{
"date": "2007-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"date": "2007-08-23T22:17:00",
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULMON",
"id": "CVE-2007-3847"
},
{
"date": "2010-08-05T21:45:00",
"db": "BID",
"id": "25489"
},
{
"date": "2013-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000638"
},
{
"date": "2023-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200708-391"
},
{
"date": "2024-11-21T00:34:12.950000",
"db": "NVD",
"id": "CVE-2007-3847"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "61459"
},
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of mod_proxy Service disruption in modules (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000638"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200708-391"
}
],
"trust": 0.6
}
}
var-200609-0988
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0988",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "53566"
}
],
"trust": 5.94
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.4
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200609-0988",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2024-11-21T21:06:14.167000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.7,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
}
}
var-201006-1188
Vulnerability from variot
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. libpng Is PNG A vulnerability exists in the processing of files. libpng Crafted PNG A vulnerability exists that causes a buffer overflow when processing files. Libpng contains a vulnerability in the way it handles images containing an extra row of image data beyond the height reported in the image header. The 'libpng' library is prone to multiple vulnerabilities. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.
Background
libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes. ----------------------------------------------------------------------
"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420."
Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:
http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf
TITLE: Mozilla Thunderbird Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA40642
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40642
RELEASE DATE: 2010-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/40642/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40642/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40642
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Some weaknesses and vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
For more information: SA39925
SOLUTION: Update to Thunderbird 3.0.6 and 3.1.1.
ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2010/mfsa2010-34.html http://www.mozilla.org/security/announce/2010/mfsa2010-38.html http://www.mozilla.org/security/announce/2010/mfsa2010-39.html http://www.mozilla.org/security/announce/2010/mfsa2010-40.html http://www.mozilla.org/security/announce/2010/mfsa2010-41.html http://www.mozilla.org/security/announce/2010/mfsa2010-42.html http://www.mozilla.org/security/announce/2010/mfsa2010-43.html http://www.mozilla.org/security/announce/2010/mfsa2010-44.html http://www.mozilla.org/security/announce/2010/mfsa2010-46.html http://www.mozilla.org/security/announce/2010/mfsa2010-47.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
CVE-2010-1208
"regenrecht" discovered that incorrect memory handling in DOM
parsing could lead to the execution of arbitrary code.
CVE-2010-1211
Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary
Kwong, Tobias Markus and Daniel Holbert discovered crashes in the
layout engine, which might allow the execution of arbitrary code.
CVE-2010-2751
Jordi Chancel discovered that the location could be spoofed to
appear like a secured page.
CVE-2010-2753
"regenrecht" discovered that incorrect memory handling in XUL
parsing could lead to the execution of arbitrary code.
CVE-2010-2754
Soroush Dalili discovered an information leak in script processing.
For the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-3.
For the unstable distribution (sid), these problems have been fixed in version 1.9.1.11-1.
For the experimental distribution, these problems have been fixed in version 1.9.2.7-1.
We recommend that you upgrade your xulrunner packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz Size/MD5 checksum: 149955 e6ec4540373a8dfbea5c1e63f5b628b2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc Size/MD5 checksum: 1755 59f9033377f2450ad114d9ee4367f9c7 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb Size/MD5 checksum: 1466246 a3b5c8b34df7e2077a5e3c5c0d911b85
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb Size/MD5 checksum: 165496 ad7c134eeadc1a2aa751c289052d32f1 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb Size/MD5 checksum: 433152 57f7a88c05eece5c0ea17517646267bb http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb Size/MD5 checksum: 72550 b581302383396b57f7e07aa4564245b3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb Size/MD5 checksum: 51155444 37595efd28303ec3a88d294b58c1e7aa http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb Size/MD5 checksum: 9487312 452f2c3b26bb249711720ade76e77c3f http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb Size/MD5 checksum: 223422 9ce6e6f35412321405c27618a3550763 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb Size/MD5 checksum: 113478 f4946488381af317acb3bd27da3e372e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb Size/MD5 checksum: 940250 abb2d020d4cce2e5547d17dd94323cee http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb Size/MD5 checksum: 3357434 a26b339fee481f1ae5494ee0983e3e75
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb Size/MD5 checksum: 50381710 4e6df9133e326ca7fe1d91adab87609b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb Size/MD5 checksum: 3291324 01a75923a6b796c2e1f3c02e4584072f http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb Size/MD5 checksum: 152266 0a9e05d5e36920cf9cb6c9e39357679b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb Size/MD5 checksum: 7735106 eedecb0183cd911bf7416be5f61cf88e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb Size/MD5 checksum: 374604 7a71d4ce527727f43225fc1cdc6b3915 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb Size/MD5 checksum: 70226 f8860e988f030333c59f893582e17da0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb Size/MD5 checksum: 890738 0db2e5b458ae1495dce575688a27ef2a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb Size/MD5 checksum: 223326 1d128ae917c5dab4e977ffb018cb704c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb Size/MD5 checksum: 101830 2bb9a62d6454d0b7ef6da98cc07b4013
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb Size/MD5 checksum: 140950 d9044d5f823661f4a1ef11c47971d6e2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb Size/MD5 checksum: 3584768 6ff8221347684a334d6f358d2c8f2dcc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb Size/MD5 checksum: 6802070 e489c87976c243d040f568a8e04a7466 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb Size/MD5 checksum: 351056 dd61fc5b425e296ef00120b4cfbc5604 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb Size/MD5 checksum: 68552 819703fc0550ee6473572ea3655ab1f5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb Size/MD5 checksum: 84224 f3915220a86a6a31e48b845d2af7f249 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb Size/MD5 checksum: 222376 cb0563f3e5220ceb6f42b8e6471eb883 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb Size/MD5 checksum: 49349776 4037a4ab7eeb964c24c95fbb905edbe6 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb Size/MD5 checksum: 815334 c055e242c82b7643c67712602e4f3215
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb Size/MD5 checksum: 822978 f8609edb961b6c71732c17575393644a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb Size/MD5 checksum: 6962470 fc143ac75279405ef99a3e045439adeb http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb Size/MD5 checksum: 3583846 db81fc2e4c8a30fbaf0b176f6d7e77a5 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb Size/MD5 checksum: 142446 016a6aa2efa9e49788c97bc925d90bbb http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb Size/MD5 checksum: 353294 65f40d8a434c6b430685ef1a54246888 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb Size/MD5 checksum: 50182030 97009b62c3d65b5e715f363d7a5a2e0c http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb Size/MD5 checksum: 223380 30fd707dea85e43894c84036115920a3 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb Size/MD5 checksum: 70694 e5892c32e9850d86138ebf15ad317b63 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb Size/MD5 checksum: 84758 a94402fed374f82a1ffeb338cb2a4cbb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb Size/MD5 checksum: 223614 ea284c98cc97b10b879d6174b81cb486 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb Size/MD5 checksum: 899460 290c89b8835d773b8fd240f5610dc63c http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb Size/MD5 checksum: 72280 1d32724f444212696e28d15dc22386af http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb Size/MD5 checksum: 413386 e78a2aabb581f3f7f8da9cb531d6a883 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb Size/MD5 checksum: 158762 89855347fdf8833df8fd643cfd6a2f10 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb Size/MD5 checksum: 51267722 b51b03ef591a26a4bb72fb0c58e610c0 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb Size/MD5 checksum: 3632562 2d9a207f01319a7bd8f3eb72b3762c77 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb Size/MD5 checksum: 9523510 0f38b76b0074881d4b12823eedc40846 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb Size/MD5 checksum: 106998 32d701f55bd4cc6e0f7160c3b5db43aa
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb Size/MD5 checksum: 49553140 cd9fb750075df895e2ad46a8fe4c8bdf http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb Size/MD5 checksum: 852228 f04ee6f2c26e9bda77477d64a13f3c53 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb Size/MD5 checksum: 79554 e69019a20fc3e8750faf73961cae8a38 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb Size/MD5 checksum: 224454 c7e441828615fa66d9907b6407a2b1ad http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb Size/MD5 checksum: 351828 85e4711445491850841c2f05102f2bd2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb Size/MD5 checksum: 6609818 b99e5d5f75686adcea1c3570fb82ead5 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb Size/MD5 checksum: 3573826 2869c274453928b8b110d8aee7dcba96 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb Size/MD5 checksum: 142966 847a37421b7980378c81c5e818c2df3d http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb Size/MD5 checksum: 68968 1eee7343caee6a8a23a141bf6b653fa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb Size/MD5 checksum: 224078 a9dc6949ac6ef39884d1cb58929e20fc http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb Size/MD5 checksum: 3693822 602f37b927bc425803730a66d17e8bec http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb Size/MD5 checksum: 542370 6015bef0d96154f73c32b2031c8bbf70 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb Size/MD5 checksum: 77166 1a94ec379b6e210cf35c1116939fc5f7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb Size/MD5 checksum: 813100 d0cdc640bf4a68973942cf563b7f7d7b http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb Size/MD5 checksum: 181192 54ef9505c0b0a0b62539dc3d983a8f83 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb Size/MD5 checksum: 11340432 b833d183a5337231c512aba60e733213 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb Size/MD5 checksum: 49734538 21b8086eb33e228f4a3800307a721558 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb Size/MD5 checksum: 121688 1e8f51c8c5d1097d5c0e4b8fd6743ec7
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb Size/MD5 checksum: 3611102 8f2980b314f14ff7cf1c244ed11ee638 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb Size/MD5 checksum: 145574 f38aa4d16323e517d075d1de833a7a35 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb Size/MD5 checksum: 380888 73bf50fdf8fd49a2251f3c13db9e0a2c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb Size/MD5 checksum: 7677088 d034f72357eb3276850bea226dfc3489 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb Size/MD5 checksum: 96932 9c55e0f731b1a507e77abb54ea7c2b08 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb Size/MD5 checksum: 223126 cc6d3e47d51d4a15cd05ef6af47560c2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb Size/MD5 checksum: 51902590 b9cafda15eba1ae28b5b054bd82e9d62 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb Size/MD5 checksum: 919306 764f458b99647036fbdb1b36768e9b99 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb Size/MD5 checksum: 70412 c674d096e73e7f353733e502bbc9cd05
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 378984 c66e5ff8815e2386755ece9c9a34b820 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 50034074 88479753fa54a417df183b78d0bb6ed1 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 145324 a801aeefc7fbf555ab407eaeb4c35295 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 70170 3145be02d89d6e205de5d89b269b9d8d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 3311114 4dac1eff7f53b49976d984606e76afe6 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 900836 6727b545324904a39f31261db59f516b http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 97046 2953be8b2d4df3994abd68d6f95de215 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 7384772 6666f68f98fa2cc81d9e3106c958360b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb Size/MD5 checksum: 223416 a3ad25d92dc8f8e09352bc1fbce07989
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 95068 18f76fe7d470194c6320df8b42e7b09b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 888120 b426372622e1ac0164db3f25589a5447 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 152544 e3b9205b45b66a3fcf4937c44897a7d8 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 3285670 a63c4ce33c3f482584b32cfe50488700 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 7287440 f9d042196ccedd4dfb4da6d3e45ca2b1 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 51458688 a669258d296192b6bd48b68006f9b618 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 223412 b900b19a182c059590bfcdb9495851ef http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 73306 94fdad8b176e63c0c791d19a026ce4b0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb Size/MD5 checksum: 362778 79f1ea4633cf0147da60871533750312
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb Size/MD5 checksum: 156410 6e986f5714d7052295a32253daea02a9 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb Size/MD5 checksum: 73182 f3b9b343586f554ac37e5c7c8970a28a http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb Size/MD5 checksum: 407006 5919961e64253609b9eacc6a31a19b87 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb Size/MD5 checksum: 8401766 a23f6d0b7ac0b83997635feff3977ac2 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb Size/MD5 checksum: 223402 f08c12d85314436f6331b75e2e18b1c7 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb Size/MD5 checksum: 909824 8c8c3aa62be4c19e97351562dcbe1694 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb Size/MD5 checksum: 3308768 50226e505e97362404ffbe3e770775fe http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb Size/MD5 checksum: 105828 1e5fc5d7be3c5ab803dd71e8391c06bb http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb Size/MD5 checksum: 51242096 ebae3e5b1eb3fd2d9470cbe117b8ced9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb Size/MD5 checksum: 49406432 caf251c788fe4f76679f600bd1d7b1c0 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb Size/MD5 checksum: 70192 33434a3b887ac076d88c0a4e425b3c29 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb Size/MD5 checksum: 144136 359a3cac1ee340f79eb9a53ac65f62ed http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb Size/MD5 checksum: 7181582 4b0f8aaf9a51e7c76073afbb7ea33c6e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb Size/MD5 checksum: 3583844 11cb9b988b9eac3564f11ed310a8d77e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb Size/MD5 checksum: 84544 0646f157f384a6a1ffcc3052035d1789 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb Size/MD5 checksum: 350470 1c643effc57e45c6afc964f2284cda7e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb Size/MD5 checksum: 223260 77281a13fcc78aacd93cf479621ccf74 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb Size/MD5 checksum: 821854 32eba751571daa1dcd4db30e7a3b7b2c
These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . If the graphics file provides an extra graphics row that is higher than the height reported in the header, this overflow can be triggered, resulting in arbitrary code execution; in addition, when processing a certain There may be a memory leak when some sCAL blocks are used, and specially crafted PNG graphics may cause a denial of service. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could potentially lead to code execution with the privileges of the application using libpng. Two potential denial of service issues are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249 to these issues.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.
VMware Product Running Replace with/ Product Version on Apply Patch ============= ======== ======= ================= VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201301-01
http://security.gentoo.org/
Severity: High Title: Mozilla Products: Multiple vulnerabilities Date: January 08, 2013 Bugs: #180159, #181361, #207261, #238535, #246602, #251322, #255221, #255234, #255687, #257577, #260062, #261386, #262704, #267234, #273918, #277752, #280226, #280234, #280393, #282549, #284439, #286721, #290892, #292034, #297532, #305689, #307045, #311021, #312361, #312645, #312651, #312675, #312679, #312763, #313003, #324735, #326341, #329279, #336396, #341821, #342847, #348316, #357057, #360055, #360315, #365323, #373595, #379549, #381245, #388045, #390771, #395431, #401701, #403183, #404437, #408161, #413657, #419917, #427224, #433383, #437780, #439586, #439960, #444318 ID: 201301-01
Synopsis
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
Background
Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla's Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/firefox < 10.0.11 >= 10.0.11 2 www-client/firefox-bin < 10.0.11 >= 10.0.11 3 mail-client/thunderbird < 10.0.11 >= 10.0.11 4 mail-client/thunderbird-bin < 10.0.11 >= 10.0.11 5 www-client/seamonkey < 2.14-r1 >= 2.14-r1 6 www-client/seamonkey-bin < 2.14 >= 2.14 7 dev-libs/nss < 3.14 >= 3.14 8 www-client/mozilla-firefox <= 3.6.8 Vulnerable! 9 www-client/mozilla-firefox-bin <= 3.5.6 Vulnerable! 10 mail-client/mozilla-thunderbird <= 3.0.4-r1 Vulnerable! 11 mail-client/mozilla-thunderbird-bin <= 3.0 Vulnerable! 12 www-client/icecat <= 10.0-r1 Vulnerable! 13 net-libs/xulrunner <= 2.0-r1 Vulnerable! 14 net-libs/xulrunner-bin <= 1.8.1.19 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 14 affected packages
Description
Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL's for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser's font, conduct clickjacking attacks, or have other unspecified impact.
A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file.
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"
All users of the Mozilla Firefox binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"=
All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"
All users of the Mozilla Thunderbird binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"
All Mozilla SeaMonkey users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.14-r1"
All users of the Mozilla SeaMonkey binary package should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.14"
All NSS users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.14"
The "www-client/mozilla-firefox" package has been merged into the "www-client/firefox" package. To upgrade, please unmerge "www-client/mozilla-firefox" and then emerge the latest "www-client/firefox" package:
# emerge --sync # emerge --unmerge "www-client/mozilla-firefox" # emerge --ask --oneshot --verbose ">=www-client/firefox-10.0.11"
The "www-client/mozilla-firefox-bin" package has been merged into the "www-client/firefox-bin" package. To upgrade, please unmerge "www-client/mozilla-firefox-bin" and then emerge the latest "www-client/firefox-bin" package:
# emerge --sync # emerge --unmerge "www-client/mozilla-firefox-bin" # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-10.0.11"=
The "mail-client/mozilla-thunderbird" package has been merged into the "mail-client/thunderbird" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird" and then emerge the latest "mail-client/thunderbird" package:
# emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird" # emerge --ask --oneshot -v ">=mail-client/thunderbird-10.0.11"
The "mail-client/mozilla-thunderbird-bin" package has been merged into the "mail-client/thunderbird-bin" package. To upgrade, please unmerge "mail-client/mozilla-thunderbird-bin" and then emerge the latest "mail-client/thunderbird-bin" package:
# emerge --sync # emerge --unmerge "mail-client/mozilla-thunderbird-bin" # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-10.0.11"
Gentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat:
# emerge --unmerge "www-client/icecat"
Gentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner:
# emerge --unmerge "net-libs/xulrunner"
Gentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner:
# emerge --unmerge "net-libs/xulrunner-bin"
References
[ 1 ] CVE-2011-3101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101 [ 2 ] CVE-2007-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436 [ 3 ] CVE-2007-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437 [ 4 ] CVE-2007-2671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671 [ 5 ] CVE-2007-3073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073 [ 6 ] CVE-2008-0016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016 [ 7 ] CVE-2008-0017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017 [ 8 ] CVE-2008-0367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367 [ 9 ] CVE-2008-3835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835 [ 10 ] CVE-2008-3836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836 [ 11 ] CVE-2008-3837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837 [ 12 ] CVE-2008-4058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058 [ 13 ] CVE-2008-4059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059 [ 14 ] CVE-2008-4060 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060 [ 15 ] CVE-2008-4061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061 [ 16 ] CVE-2008-4062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062 [ 17 ] CVE-2008-4063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063 [ 18 ] CVE-2008-4064 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064 [ 19 ] CVE-2008-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065 [ 20 ] CVE-2008-4066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066 [ 21 ] CVE-2008-4067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067 [ 22 ] CVE-2008-4068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068 [ 23 ] CVE-2008-4069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069 [ 24 ] CVE-2008-4070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070 [ 25 ] CVE-2008-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582 [ 26 ] CVE-2008-5012 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012 [ 27 ] CVE-2008-5013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013 [ 28 ] CVE-2008-5014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014 [ 29 ] CVE-2008-5015 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015 [ 30 ] CVE-2008-5016 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016 [ 31 ] CVE-2008-5017 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017 [ 32 ] CVE-2008-5018 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018 [ 33 ] CVE-2008-5019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019 [ 34 ] CVE-2008-5021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021 [ 35 ] CVE-2008-5022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022 [ 36 ] CVE-2008-5023 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023 [ 37 ] CVE-2008-5024 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024 [ 38 ] CVE-2008-5052 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052 [ 39 ] CVE-2008-5500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500 [ 40 ] CVE-2008-5501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501 [ 41 ] CVE-2008-5502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502 [ 42 ] CVE-2008-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503 [ 43 ] CVE-2008-5504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504 [ 44 ] CVE-2008-5505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505 [ 45 ] CVE-2008-5506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506 [ 46 ] CVE-2008-5507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507 [ 47 ] CVE-2008-5508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508 [ 48 ] CVE-2008-5510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510 [ 49 ] CVE-2008-5511 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511 [ 50 ] CVE-2008-5512 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512 [ 51 ] CVE-2008-5513 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513 [ 52 ] CVE-2008-5822 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822 [ 53 ] CVE-2008-5913 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913 [ 54 ] CVE-2008-6961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961 [ 55 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 56 ] CVE-2009-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071 [ 57 ] CVE-2009-0352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352 [ 58 ] CVE-2009-0353 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353 [ 59 ] CVE-2009-0354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354 [ 60 ] CVE-2009-0355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355 [ 61 ] CVE-2009-0356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356 [ 62 ] CVE-2009-0357 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357 [ 63 ] CVE-2009-0358 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358 [ 64 ] CVE-2009-0652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652 [ 65 ] CVE-2009-0771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771 [ 66 ] CVE-2009-0772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772 [ 67 ] CVE-2009-0773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773 [ 68 ] CVE-2009-0774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774 [ 69 ] CVE-2009-0775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775 [ 70 ] CVE-2009-0776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776 [ 71 ] CVE-2009-0777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777 [ 72 ] CVE-2009-1044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044 [ 73 ] CVE-2009-1169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169 [ 74 ] CVE-2009-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302 [ 75 ] CVE-2009-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303 [ 76 ] CVE-2009-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304 [ 77 ] CVE-2009-1305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305 [ 78 ] CVE-2009-1306 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306 [ 79 ] CVE-2009-1307 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307 [ 80 ] CVE-2009-1308 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308 [ 81 ] CVE-2009-1309 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309 [ 82 ] CVE-2009-1310 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310 [ 83 ] CVE-2009-1311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311 [ 84 ] CVE-2009-1312 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312 [ 85 ] CVE-2009-1313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313 [ 86 ] CVE-2009-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392 [ 87 ] CVE-2009-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563 [ 88 ] CVE-2009-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571 [ 89 ] CVE-2009-1828 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828 [ 90 ] CVE-2009-1832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832 [ 91 ] CVE-2009-1833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833 [ 92 ] CVE-2009-1834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834 [ 93 ] CVE-2009-1835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835 [ 94 ] CVE-2009-1836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836 [ 95 ] CVE-2009-1837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837 [ 96 ] CVE-2009-1838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838 [ 97 ] CVE-2009-1839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839 [ 98 ] CVE-2009-1840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840 [ 99 ] CVE-2009-1841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841 [ 100 ] CVE-2009-2043 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043 [ 101 ] CVE-2009-2044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044 [ 102 ] CVE-2009-2061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061 [ 103 ] CVE-2009-2065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065 [ 104 ] CVE-2009-2210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210 [ 105 ] CVE-2009-2404 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404 [ 106 ] CVE-2009-2408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408 [ 107 ] CVE-2009-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462 [ 108 ] CVE-2009-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463 [ 109 ] CVE-2009-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464 [ 110 ] CVE-2009-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465 [ 111 ] CVE-2009-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466 [ 112 ] CVE-2009-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467 [ 113 ] CVE-2009-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469 [ 114 ] CVE-2009-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470 [ 115 ] CVE-2009-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471 [ 116 ] CVE-2009-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472 [ 117 ] CVE-2009-2477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477 [ 118 ] CVE-2009-2478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478 [ 119 ] CVE-2009-2479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479 [ 120 ] CVE-2009-2535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535 [ 121 ] CVE-2009-2654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654 [ 122 ] CVE-2009-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662 [ 123 ] CVE-2009-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664 [ 124 ] CVE-2009-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665 [ 125 ] CVE-2009-3069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069 [ 126 ] CVE-2009-3070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070 [ 127 ] CVE-2009-3071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071 [ 128 ] CVE-2009-3072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072 [ 129 ] CVE-2009-3074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074 [ 130 ] CVE-2009-3075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075 [ 131 ] CVE-2009-3076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076 [ 132 ] CVE-2009-3077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077 [ 133 ] CVE-2009-3078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078 [ 134 ] CVE-2009-3079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079 [ 135 ] CVE-2009-3274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274 [ 136 ] CVE-2009-3371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371 [ 137 ] CVE-2009-3372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372 [ 138 ] CVE-2009-3373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373 [ 139 ] CVE-2009-3374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374 [ 140 ] CVE-2009-3375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375 [ 141 ] CVE-2009-3376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376 [ 142 ] CVE-2009-3377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377 [ 143 ] CVE-2009-3378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378 [ 144 ] CVE-2009-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379 [ 145 ] CVE-2009-3380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380 [ 146 ] CVE-2009-3381 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381 [ 147 ] CVE-2009-3382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382 [ 148 ] CVE-2009-3383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383 [ 149 ] CVE-2009-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388 [ 150 ] CVE-2009-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389 [ 151 ] CVE-2009-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555 [ 152 ] CVE-2009-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978 [ 153 ] CVE-2009-3979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979 [ 154 ] CVE-2009-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980 [ 155 ] CVE-2009-3981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981 [ 156 ] CVE-2009-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982 [ 157 ] CVE-2009-3983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983 [ 158 ] CVE-2009-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984 [ 159 ] CVE-2009-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985 [ 160 ] CVE-2009-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986 [ 161 ] CVE-2009-3987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987 [ 162 ] CVE-2009-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988 [ 163 ] CVE-2010-0159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159 [ 164 ] CVE-2010-0160 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160 [ 165 ] CVE-2010-0162 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162 [ 166 ] CVE-2010-0163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163 [ 167 ] CVE-2010-0164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164 [ 168 ] CVE-2010-0165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165 [ 169 ] CVE-2010-0166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166 [ 170 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 171 ] CVE-2010-0167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167 [ 172 ] CVE-2010-0168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168 [ 173 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 174 ] CVE-2010-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169 [ 175 ] CVE-2010-0170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170 [ 176 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 177 ] CVE-2010-0171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171 [ 178 ] CVE-2010-0172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172 [ 179 ] CVE-2010-0173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173 [ 180 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 181 ] CVE-2010-0174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174 [ 182 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 183 ] CVE-2010-0175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175 [ 184 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 185 ] CVE-2010-0176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176 [ 186 ] CVE-2010-0177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177 [ 187 ] CVE-2010-0178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178 [ 188 ] CVE-2010-0179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179 [ 189 ] CVE-2010-0181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181 [ 190 ] CVE-2010-0182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182 [ 191 ] CVE-2010-0183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183 [ 192 ] CVE-2010-0220 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220 [ 193 ] CVE-2010-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648 [ 194 ] CVE-2010-0654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654 [ 195 ] CVE-2010-1028 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028 [ 196 ] CVE-2010-1121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121 [ 197 ] CVE-2010-1125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125 [ 198 ] CVE-2010-1196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196 [ 199 ] CVE-2010-1197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197 [ 200 ] CVE-2010-1198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198 [ 201 ] CVE-2010-1199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199 [ 202 ] CVE-2010-1200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200 [ 203 ] CVE-2010-1201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201 [ 204 ] CVE-2010-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202 [ 205 ] CVE-2010-1203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203 [ 206 ] CVE-2010-1205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205 [ 207 ] CVE-2010-1206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206 [ 208 ] CVE-2010-1207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207 [ 209 ] CVE-2010-1208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208 [ 210 ] CVE-2010-1209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209 [ 211 ] CVE-2010-1210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210 [ 212 ] CVE-2010-1211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211 [ 213 ] CVE-2010-1212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212 [ 214 ] CVE-2010-1213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213 [ 215 ] CVE-2010-1214 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214 [ 216 ] CVE-2010-1215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215 [ 217 ] CVE-2010-1585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585 [ 218 ] CVE-2010-2751 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751 [ 219 ] CVE-2010-2752 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752 [ 220 ] CVE-2010-2753 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753 [ 221 ] CVE-2010-2754 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754 [ 222 ] CVE-2010-2755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755 [ 223 ] CVE-2010-2760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760 [ 224 ] CVE-2010-2762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762 [ 225 ] CVE-2010-2763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763 [ 226 ] CVE-2010-2764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764 [ 227 ] CVE-2010-2765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765 [ 228 ] CVE-2010-2766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766 [ 229 ] CVE-2010-2767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767 [ 230 ] CVE-2010-2768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768 [ 231 ] CVE-2010-2769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769 [ 232 ] CVE-2010-2770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770 [ 233 ] CVE-2010-3131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131 [ 234 ] CVE-2010-3166 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166 [ 235 ] CVE-2010-3167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167 [ 236 ] CVE-2010-3168 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168 [ 237 ] CVE-2010-3169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169 [ 238 ] CVE-2010-3170 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170 [ 239 ] CVE-2010-3171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171 [ 240 ] CVE-2010-3173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173 [ 241 ] CVE-2010-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174 [ 242 ] CVE-2010-3175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175 [ 243 ] CVE-2010-3176 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176 [ 244 ] CVE-2010-3177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177 [ 245 ] CVE-2010-3178 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178 [ 246 ] CVE-2010-3179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179 [ 247 ] CVE-2010-3180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180 [ 248 ] CVE-2010-3182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182 [ 249 ] CVE-2010-3183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183 [ 250 ] CVE-2010-3399 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399 [ 251 ] CVE-2010-3400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400 [ 252 ] CVE-2010-3765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765 [ 253 ] CVE-2010-3766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766 [ 254 ] CVE-2010-3767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767 [ 255 ] CVE-2010-3768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768 [ 256 ] CVE-2010-3769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769 [ 257 ] CVE-2010-3770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770 [ 258 ] CVE-2010-3771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771 [ 259 ] CVE-2010-3772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772 [ 260 ] CVE-2010-3773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773 [ 261 ] CVE-2010-3774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774 [ 262 ] CVE-2010-3775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775 [ 263 ] CVE-2010-3776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776 [ 264 ] CVE-2010-3777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777 [ 265 ] CVE-2010-3778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778 [ 266 ] CVE-2010-4508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508 [ 267 ] CVE-2010-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074 [ 268 ] CVE-2011-0051 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051 [ 269 ] CVE-2011-0053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053 [ 270 ] CVE-2011-0054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054 [ 271 ] CVE-2011-0055 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055 [ 272 ] CVE-2011-0056 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056 [ 273 ] CVE-2011-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057 [ 274 ] CVE-2011-0058 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058 [ 275 ] CVE-2011-0059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059 [ 276 ] CVE-2011-0061 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061 [ 277 ] CVE-2011-0062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062 [ 278 ] CVE-2011-0065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065 [ 279 ] CVE-2011-0066 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066 [ 280 ] CVE-2011-0067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067 [ 281 ] CVE-2011-0068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068 [ 282 ] CVE-2011-0069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069 [ 283 ] CVE-2011-0070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070 [ 284 ] CVE-2011-0071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071 [ 285 ] CVE-2011-0072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072 [ 286 ] CVE-2011-0073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073 [ 287 ] CVE-2011-0074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074 [ 288 ] CVE-2011-0075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075 [ 289 ] CVE-2011-0076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076 [ 290 ] CVE-2011-0077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077 [ 291 ] CVE-2011-0078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078 [ 292 ] CVE-2011-0079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079 [ 293 ] CVE-2011-0080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080 [ 294 ] CVE-2011-0081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081 [ 295 ] CVE-2011-0082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082 [ 296 ] CVE-2011-0083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083 [ 297 ] CVE-2011-0084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084 [ 298 ] CVE-2011-0085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085 [ 299 ] CVE-2011-1187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187 [ 300 ] CVE-2011-1202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202 [ 301 ] CVE-2011-1712 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712 [ 302 ] CVE-2011-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362 [ 303 ] CVE-2011-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363 [ 304 ] CVE-2011-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364 [ 305 ] CVE-2011-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365 [ 306 ] CVE-2011-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369 [ 307 ] CVE-2011-2370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370 [ 308 ] CVE-2011-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371 [ 309 ] CVE-2011-2372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372 [ 310 ] CVE-2011-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373 [ 311 ] CVE-2011-2374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374 [ 312 ] CVE-2011-2375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375 [ 313 ] CVE-2011-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376 [ 314 ] CVE-2011-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377 [ 315 ] CVE-2011-2378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378 [ 316 ] CVE-2011-2605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605 [ 317 ] CVE-2011-2980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980 [ 318 ] CVE-2011-2981 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981 [ 319 ] CVE-2011-2982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982 [ 320 ] CVE-2011-2983 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983 [ 321 ] CVE-2011-2984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984 [ 322 ] CVE-2011-2985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985 [ 323 ] CVE-2011-2986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986 [ 324 ] CVE-2011-2987 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987 [ 325 ] CVE-2011-2988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988 [ 326 ] CVE-2011-2989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989 [ 327 ] CVE-2011-2990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990 [ 328 ] CVE-2011-2991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991 [ 329 ] CVE-2011-2993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993 [ 330 ] CVE-2011-2995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995 [ 331 ] CVE-2011-2996 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996 [ 332 ] CVE-2011-2997 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997 [ 333 ] CVE-2011-2998 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998 [ 334 ] CVE-2011-2999 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999 [ 335 ] CVE-2011-3000 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000 [ 336 ] CVE-2011-3001 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001 [ 337 ] CVE-2011-3002 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002 [ 338 ] CVE-2011-3003 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003 [ 339 ] CVE-2011-3004 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004 [ 340 ] CVE-2011-3005 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005 [ 341 ] CVE-2011-3026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026 [ 342 ] CVE-2011-3062 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062 [ 343 ] CVE-2011-3232 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232 [ 344 ] CVE-2011-3389 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389 [ 345 ] CVE-2011-3640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640 [ 346 ] CVE-2011-3647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647 [ 347 ] CVE-2011-3648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648 [ 348 ] CVE-2011-3649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649 [ 349 ] CVE-2011-3650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650 [ 350 ] CVE-2011-3651 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651 [ 351 ] CVE-2011-3652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652 [ 352 ] CVE-2011-3653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653 [ 353 ] CVE-2011-3654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654 [ 354 ] CVE-2011-3655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655 [ 355 ] CVE-2011-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658 [ 356 ] CVE-2011-3659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659 [ 357 ] CVE-2011-3660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660 [ 358 ] CVE-2011-3661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661 [ 359 ] CVE-2011-3663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663 [ 360 ] CVE-2011-3665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665 [ 361 ] CVE-2011-3670 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670 [ 362 ] CVE-2011-3866 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866 [ 363 ] CVE-2011-4688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688 [ 364 ] CVE-2012-0441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441 [ 365 ] CVE-2012-0442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442 [ 366 ] CVE-2012-0443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443 [ 367 ] CVE-2012-0444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444 [ 368 ] CVE-2012-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445 [ 369 ] CVE-2012-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446 [ 370 ] CVE-2012-0447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447 [ 371 ] CVE-2012-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449 [ 372 ] CVE-2012-0450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450 [ 373 ] CVE-2012-0451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451 [ 374 ] CVE-2012-0452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452 [ 375 ] CVE-2012-0455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455 [ 376 ] CVE-2012-0456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456 [ 377 ] CVE-2012-0457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457 [ 378 ] CVE-2012-0458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458 [ 379 ] CVE-2012-0459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459 [ 380 ] CVE-2012-0460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460 [ 381 ] CVE-2012-0461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461 [ 382 ] CVE-2012-0462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462 [ 383 ] CVE-2012-0463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463 [ 384 ] CVE-2012-0464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464 [ 385 ] CVE-2012-0467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467 [ 386 ] CVE-2012-0468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468 [ 387 ] CVE-2012-0469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469 [ 388 ] CVE-2012-0470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470 [ 389 ] CVE-2012-0471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471 [ 390 ] CVE-2012-0473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473 [ 391 ] CVE-2012-0474 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474 [ 392 ] CVE-2012-0475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475 [ 393 ] CVE-2012-0477 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477 [ 394 ] CVE-2012-0478 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478 [ 395 ] CVE-2012-0479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479 [ 396 ] CVE-2012-1937 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937 [ 397 ] CVE-2012-1938 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938 [ 398 ] CVE-2012-1939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939 [ 399 ] CVE-2012-1940 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940 [ 400 ] CVE-2012-1941 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941 [ 401 ] CVE-2012-1945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945 [ 402 ] CVE-2012-1946 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946 [ 403 ] CVE-2012-1947 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947 [ 404 ] CVE-2012-1948 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948 [ 405 ] CVE-2012-1949 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949 [ 406 ] CVE-2012-1950 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950 [ 407 ] CVE-2012-1951 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951 [ 408 ] CVE-2012-1952 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952 [ 409 ] CVE-2012-1953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953 [ 410 ] CVE-2012-1954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954 [ 411 ] CVE-2012-1955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955 [ 412 ] CVE-2012-1956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956 [ 413 ] CVE-2012-1957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957 [ 414 ] CVE-2012-1958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958 [ 415 ] CVE-2012-1959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959 [ 416 ] CVE-2012-1960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960 [ 417 ] CVE-2012-1961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961 [ 418 ] CVE-2012-1962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962 [ 419 ] CVE-2012-1963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963 [ 420 ] CVE-2012-1964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964 [ 421 ] CVE-2012-1965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965 [ 422 ] CVE-2012-1966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966 [ 423 ] CVE-2012-1967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967 [ 424 ] CVE-2012-1970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970 [ 425 ] CVE-2012-1971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971 [ 426 ] CVE-2012-1972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972 [ 427 ] CVE-2012-1973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973 [ 428 ] CVE-2012-1974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974 [ 429 ] CVE-2012-1975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975 [ 430 ] CVE-2012-1976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976 [ 431 ] CVE-2012-1994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994 [ 432 ] CVE-2012-3956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956 [ 433 ] CVE-2012-3957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957 [ 434 ] CVE-2012-3958 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958 [ 435 ] CVE-2012-3959 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959 [ 436 ] CVE-2012-3960 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960 [ 437 ] CVE-2012-3961 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961 [ 438 ] CVE-2012-3962 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962 [ 439 ] CVE-2012-3963 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963 [ 440 ] CVE-2012-3964 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964 [ 441 ] CVE-2012-3965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965 [ 442 ] CVE-2012-3966 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966 [ 443 ] CVE-2012-3967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967 [ 444 ] CVE-2012-3968 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968 [ 445 ] CVE-2012-3969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969 [ 446 ] CVE-2012-3970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970 [ 447 ] CVE-2012-3971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971 [ 448 ] CVE-2012-3972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972 [ 449 ] CVE-2012-3973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973 [ 450 ] CVE-2012-3975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975 [ 451 ] CVE-2012-3976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976 [ 452 ] CVE-2012-3977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977 [ 453 ] CVE-2012-3978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978 [ 454 ] CVE-2012-3980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980 [ 455 ] CVE-2012-3982 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982 [ 456 ] CVE-2012-3984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984 [ 457 ] CVE-2012-3985 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985 [ 458 ] CVE-2012-3986 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986 [ 459 ] CVE-2012-3988 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988 [ 460 ] CVE-2012-3989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989 [ 461 ] CVE-2012-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990 [ 462 ] CVE-2012-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991 [ 463 ] CVE-2012-3992 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992 [ 464 ] CVE-2012-3993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993 [ 465 ] CVE-2012-3994 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994 [ 466 ] CVE-2012-3995 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995 [ 467 ] CVE-2012-4179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179 [ 468 ] CVE-2012-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180 [ 469 ] CVE-2012-4181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181 [ 470 ] CVE-2012-4182 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182 [ 471 ] CVE-2012-4183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183 [ 472 ] CVE-2012-4184 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184 [ 473 ] CVE-2012-4185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185 [ 474 ] CVE-2012-4186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186 [ 475 ] CVE-2012-4187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187 [ 476 ] CVE-2012-4188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188 [ 477 ] CVE-2012-4190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190 [ 478 ] CVE-2012-4191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191 [ 479 ] CVE-2012-4192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192 [ 480 ] CVE-2012-4193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193 [ 481 ] CVE-2012-4194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194 [ 482 ] CVE-2012-4195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195 [ 483 ] CVE-2012-4196 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196 [ 484 ] CVE-2012-4201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201 [ 485 ] CVE-2012-4202 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202 [ 486 ] CVE-2012-4204 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204 [ 487 ] CVE-2012-4205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205 [ 488 ] CVE-2012-4206 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206 [ 489 ] CVE-2012-4207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207 [ 490 ] CVE-2012-4208 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208 [ 491 ] CVE-2012-4209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209 [ 492 ] CVE-2012-4210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210 [ 493 ] CVE-2012-4212 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212 [ 494 ] CVE-2012-4215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215 [ 495 ] CVE-2012-4216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216 [ 496 ] CVE-2012-5354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354 [ 497 ] CVE-2012-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829 [ 498 ] CVE-2012-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830 [ 499 ] CVE-2012-5833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833 [ 500 ] CVE-2012-5835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835 [ 501 ] CVE-2012-5836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836 [ 502 ] CVE-2012-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838 [ 503 ] CVE-2012-5839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839 [ 504 ] CVE-2012-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840 [ 505 ] CVE-2012-5841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841 [ 506 ] CVE-2012-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842 [ 507 ] CVE-2012-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843 [ 508 ] Firefox Blocking Fraudulent Certificates
http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c= ertificates/ [ 509 ] Mozilla Foundation Security Advisory 2011-11 http://www.mozilla.org/security/announce/2011/mfsa2011-11.html [ 510 ] Mozilla Foundation Security Advisory 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201301-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 .
Background
For more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild.
- Insight
- Perl Tk Module
- Source-Navigator
- Tk
- Partimage
- Mlmmj
- acl
- Xinit
- gzip
- ncompress
- liblzw
- splashutils
- GNU M4
- KDE Display Manager
- GTK+
- KGet
- dvipng
- Beanstalk
- Policy Mount
- pam_krb5
- GNU gv
- LFTP
- Uzbl
- Slim
- Bitdefender Console
- iputils
- DVBStreamer
Impact
A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Updates for all affected architectures have been available since 2011. It is likely that your system is already no longer affected by these issues. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Updated Packages:
Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. =========================================================== Ubuntu Security Notice USN-930-4 July 23, 2010 firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 9.04: abrowser 3.6.7+build2+nobinonly-0ubuntu0.9.04.1 firefox-3.0 3.6.7+build2+nobinonly-0ubuntu0.9.04.1 xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2
Ubuntu 9.10: firefox-3.5 3.6.7+build2+nobinonly-0ubuntu0.9.10.1 xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2
Mozilla has changed the support model for Firefox and they no longer support version 3.0 of the browser and will only support version 3.5 of the browser for a while longer. As a result, Ubuntu is providing an upgrade to Firefox 3.6 for Ubuntu 9.04 and 9.10 users, which is the most current stable release of Firefox supported by Mozilla. When upgrading, users should be aware of the following:
- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use icedtea6-plugin or sun-java6-plugin instead.
- After upgrading to Firefox 3.6.6, users may be prompted to upgrade 3rd party Add-Ons. In some cases, an Add-On will not be compatible with Firefox 3.6.6 and have no update available. In these cases, Firefox will notify the user that it is disabling the Add-On.
- Font configuration cannot be controlled via Gnome settings. This is a known issue being tracked in https://launchpad.net/bugs/559149 and will be fixed in a later update.
- helix-player is not currently supported in Firefox 3.6. This is a known issue and may be fixed in a future update.
- Plugins using external helpers (such as Totem) may not close when using the Epiphany browser. This is a known issue being tracked in https://launchpad.net/bugs/599796 and will be fixed in a later update. This issue only affects Ubuntu 9.04.
- The OpenJDK java plugin is not available in Ubuntu 9.04 on Sparc hardware. This will be fixed in a future update.
After a standard system upgrade you need to restart Firefox and any applications that use Xulrunner to effect the necessary changes.
Details follow:
USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6.
Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212)
An integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214)
A flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215)
An integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752)
An integer overflow was discovered in how Firefox interpreted the XUL element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753)
Aki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)
Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207)
O. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210)
Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206)
Jordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751)
Chris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654)
Soroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754)
Original advisory details:
If was discovered that Firefox could be made to access freed memory. (CVE-2010-1121)
Several flaws were discovered in the browser engine of Firefox. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203)
A flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198)
An integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196)
Martin Barbella discovered an integer overflow in an XSLT node sorting routine. (CVE-2010-1199)
Michal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125)
Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. (CVE-2010-1197)
Amit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. (CVE-2008-5913)
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 67119 0d7f276c870914e97be8016c470c0acc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz
Size/MD5: 144826 b71440bbda1a9a19aa3434ad6a00c486
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc
Size/MD5: 2552 0e63965d7e1ba8d0c024793dae18a651
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz
Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72226 e41f4ba0e1ee2812d09f178ce649be97
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72392 fb339d706ee66252e70e96d62c33b305
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72228 d3b045b5cafba2c50b75eb3c5c0a590a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72218 6a5c7d950490e1b8265bac1bc15abeb1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72240 e1de71fa375ab4896e29dafcca783dba
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72574 f4cb1ee7572ed2ab316313ecbb3ed84f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72236 2dece76f652e27494e7487f4e68f646a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72222 c4aebcd1ce9c8b621b7297b7088d2ef4
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72256 3caf1296c3c06121157b6614170e1083
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72226 d1f70077a0e3ed2fee170c02bfb03e7c
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72212 133df734e76a4477af91dec984aa2694
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72240 6efcfef2ed5164204686ce075d23332d
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
Size/MD5: 72210 07339b8304124d7afbacf53943f0500f
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 7798876 759f27c1d6635a6d04b07c9a73f54f3c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 72330 b9692de7b7947e32c1f678a9d554effa
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 72764 706e5682afbbc54334bb823fe92e9d0c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 12504700 0c81c0201b8a6b3aef72d2213d9d38b2
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb
Size/MD5: 29308 4174c5e062a927f5f4fd445bc3f2b7ce
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 9913748 ad706c2a0c670ea9bc6de7109211c8e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
Size/MD5: 72340 b19f20096548fc8981367cd9d431379f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
Size/MD5: 72762 faaacee4aa7e2fd7fa961a88c4b86d0f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
Size/MD5: 11192572 5adae55773b0ca8e438c7252046f705b
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb
Size/MD5: 29308 ca6a787a65220583746b55366ae9ac44
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/
Size/MD5: 4830218 0d3caf5b20aba2975f9f7e423c6b3b69
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 72332 099275f779e538dc54e913593084b7bc
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 72762 ee7361261892014edfc1a69365672c17
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 10687418 2a010333c02ed1112cbef0544cf73cf1
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb
Size/MD5: 29308 5fb3d21190e1e8012b08b694c4b9239c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/
Size/MD5: 4812772 94b728d013dee6371b8cc4ebef11430c
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 72340 6318359d26cfa32d4e1eeda6c8916aa4
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 72770 e5449bcbe442fa1385d7b2ecbc8c1831
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 11583662 a73467d63e46af2f21b2e46fa0f29797
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb
Size/MD5: 29310 69a2c47902bb366a50c2bb3fa9053131
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/
Size/MD5: 75512 a49a96a5d589e39a77720fe70706da03
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb
Size/MD5: 29312 e66a94b78d1d6476b05736a82c4ed49c
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 2621 74297592edce6f55313193967daaebeb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz
Size/MD5: 155727 0e58cb5f9e5293c40564e944e50437a6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc
Size/MD5: 2758 e6647365f000313a96f9a72b4dc8022f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz
Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 29714 b4ee604ee0d4dbdc448a74f6f746528c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75716 8ec52b07f2b60dbb381909a6b7e5f039
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75964 69b4baf1c2b4ce75ced092dbdb44266b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75700 22bd34473ba1abe7501b247f7d8980b5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75702 3dc765e62e9300dd5a57d512be2e3c3b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75700 1ae9b7c023259e8f9fa994c24efeb07f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75706 f4a1b34f657927ca5eaf15cf9976e336
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75704 80434fb6b98bd5ddafbd0d9d472b9416
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75698 1e6cffa413775771f086d3238ed84a6b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75722 b3dea417d76e06235b1f7c267d4871fe
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 76052 9c59d599f01a4af2337515c224164b11
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75718 70e6d5d57e356e78500d8558e6ec7f72
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 8938 3085a96f8f815fbb01b21dd67d4b423d
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75710 45b7c94ece697097b83adb8bc09b5769
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 8940 8d60975aeb324b31426a64d0a1485320
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 8930 e9c41de371986cf16137aa0a8baa1635
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75710 191d51d184569650814b7d1e87e808a3
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75720 f18da780b4b8e57685667bb94faeac19
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75726 6bef8a651c1763ca5fdd3140bd7ae915
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75714 408c0fa73ac828fa9acae2a7ff02e6f7
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75692 3c4f3ef8332997b0a72bda0e436ab0fe
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75708 c3f238accf868508d1d44a3984a0deda
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75722 41bf0606552717a9988db2bd929b3862
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75692 e27ae8b4a4875eff55fedd2c3da9499e
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
Size/MD5: 75710 49ada82e615b86ac74f5880b656d8914
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 10675764 276cf6fd80197d8edf64b2c885c5e540
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb
Size/MD5: 76196 ec574586607cd1da65dd5ee7c1f17317
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb
Size/MD5: 12502768 ef8749c8ba4b15a29631f69baccf6984
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 29196 766569469e7d1d805a16b659607cb228
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/
Size/MD5: 43286 e1e37c33ecc0918fcd518e5748c767e2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb
Size/MD5: 76198 06d415ebee45883afa9de06a4bf00ba2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb
Size/MD5: 11217372 c3ddffd8a035d3be397ffc112c17e0a9
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb
Size/MD5: 29190 c59e1bbc03df75b63c72a956530ecdff
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/
Size/MD5: 4794796 0f04c58b1898ef6ff8c42e9f696cf943
http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb
Size/MD5: 76192 ac0e4a03520b896085dbc4b1e524c397
http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb
Size/MD5: 10720482 e9459f2ddd0b28adc40e37bc46de87d8
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 29194 b5c356758ef5adb4468c85577660061a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/
Size/MD5: 64642040 19a96c0ae2726790da3efb566ac4fdb0
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 29200 69d071a75fcd766841f7f428ec9eb806
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/
Size/MD5: 7629538 5042de0cdebf36ad17e6485b966ec94f
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 29194 f154cda4e06288f639db4d6024c26695
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-1188",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firefox",
"scope": "lt",
"trust": 1.8,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "firefox",
"scope": "lt",
"trust": 1.8,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "seamonkey",
"scope": "lt",
"trust": 1.8,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "thunderbird",
"scope": "lt",
"trust": 1.8,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "thunderbird",
"scope": "lt",
"trust": 1.8,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "11"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.1,
"vendor": "apple",
"version": "10"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "thunderbird",
"scope": "gte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.0.7"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "mac os x server",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "firefox",
"scope": "gte",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.5.12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "5.0.375.99"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.5"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1.2"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1.2"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "mac os x server",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.4"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "libpng",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.8,
"vendor": "png group",
"version": "1.0.x"
},
{
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.2.44 earlier"
},
{
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.4.3 earlier"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.1.x"
},
{
"model": "server",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "7.1.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(2nd generation) 4.0 software"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.0 to 4.1 (iphone 3g after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 to 4.1 (ipod touch (2nd generation) after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 to 3.2.2 (ipad for )"
},
{
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "pictbear",
"scope": "lt",
"trust": 0.8,
"vendor": "fenrir",
"version": "2.02"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.47"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.25"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1.2301548"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9156507"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.18"
},
{
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.42"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.5"
},
{
"model": "coat systems proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.1"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.15"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.13"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10203137"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.12"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"model": "in motion blackberry enterprise server for exchange mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1.2301548"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10"
},
{
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.1.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "in motion blackberry enterprise server for domino mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "0.90"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8126538"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.24"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.43"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.33"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7108231"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.17"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "in motion blackberry enterprise server for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.17"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "coat systems proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.0"
},
{
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "in motion blackberry enterprise server for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.52"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "intuity lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.691891"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.32"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.11"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.2"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "in motion blackberry enterprise server express for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.13"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.10"
},
{
"model": "in motion blackberry enterprise server for novell groupwise mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fenrir-inc:pictbear",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Greg Roelofs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-1205",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-43810",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2010-1205",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1205",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#643615",
"trust": 0.8,
"value": "12.96"
},
{
"author": "NVD",
"id": "CVE-2010-1205",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-473",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-43810",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1205",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. libpng Is PNG A vulnerability exists in the processing of files. libpng Crafted PNG A vulnerability exists that causes a buffer overflow when processing files. Libpng contains a vulnerability in the way it handles images containing an extra row of image data beyond the height reported in the image header. The \u0027libpng\u0027 library is prone to multiple vulnerabilities. \nThese issues affect versions prior to \u0027libpng\u0027 1.4.3 and 1.2.44. \n\nBackground\n==========\n\nlibpng is a standard library used to process PNG (Portable Network\nGraphics) images. It is used by several programs, including web\nbrowsers and potentially server processes. ----------------------------------------------------------------------\n\n\n\"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420.\"\n\nNon-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:\n\nhttp://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf\n\n\n----------------------------------------------------------------------\n\nTITLE:\nMozilla Thunderbird Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA40642\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40642/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40642\n\nRELEASE DATE:\n2010-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40642/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40642/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40642\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSome weaknesses and vulnerabilities have been reported in Mozilla\nThunderbird, which can be exploited by malicious people to disclose\npotentially sensitive information, potentially conduct cross-site\nscripting attacks, bypass certain security restrictions, and\ncompromise a user\u0027s system. \n\nFor more information:\nSA39925\n\nSOLUTION:\nUpdate to Thunderbird 3.0.6 and 3.1.1. \n\nORIGINAL ADVISORY:\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-34.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-38.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-39.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-40.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-41.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-42.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-43.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-44.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-46.html\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-47.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nCVE-2010-1208\n\n \"regenrecht\" discovered that incorrect memory handling in DOM\n parsing could lead to the execution of arbitrary code. \n\nCVE-2010-1211\n\n Jesse Ruderman, Ehsan Akhgari, Mats Palmgren, Igor Bukanov, Gary\n Kwong, Tobias Markus and Daniel Holbert discovered crashes in the\n layout engine, which might allow the execution of arbitrary code. \n\nCVE-2010-2751\n\n Jordi Chancel discovered that the location could be spoofed to\n appear like a secured page. \n\nCVE-2010-2753\n\n \"regenrecht\" discovered that incorrect memory handling in XUL\n parsing could lead to the execution of arbitrary code. \n\nCVE-2010-2754\n\n Soroush Dalili discovered an information leak in script processing. \n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.9.0.19-3. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.1.11-1. \n\nFor the experimental distribution, these problems have been fixed in\nversion 1.9.2.7-1. \n\nWe recommend that you upgrade your xulrunner packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz\n Size/MD5 checksum: 149955 e6ec4540373a8dfbea5c1e63f5b628b2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc\n Size/MD5 checksum: 1755 59f9033377f2450ad114d9ee4367f9c7\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz\n Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb\n Size/MD5 checksum: 1466246 a3b5c8b34df7e2077a5e3c5c0d911b85\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 165496 ad7c134eeadc1a2aa751c289052d32f1\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 433152 57f7a88c05eece5c0ea17517646267bb\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 72550 b581302383396b57f7e07aa4564245b3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 51155444 37595efd28303ec3a88d294b58c1e7aa\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 9487312 452f2c3b26bb249711720ade76e77c3f\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 223422 9ce6e6f35412321405c27618a3550763\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 113478 f4946488381af317acb3bd27da3e372e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 940250 abb2d020d4cce2e5547d17dd94323cee\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb\n Size/MD5 checksum: 3357434 a26b339fee481f1ae5494ee0983e3e75\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 50381710 4e6df9133e326ca7fe1d91adab87609b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 3291324 01a75923a6b796c2e1f3c02e4584072f\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 152266 0a9e05d5e36920cf9cb6c9e39357679b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 7735106 eedecb0183cd911bf7416be5f61cf88e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 374604 7a71d4ce527727f43225fc1cdc6b3915\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 70226 f8860e988f030333c59f893582e17da0\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 890738 0db2e5b458ae1495dce575688a27ef2a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 223326 1d128ae917c5dab4e977ffb018cb704c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb\n Size/MD5 checksum: 101830 2bb9a62d6454d0b7ef6da98cc07b4013\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 140950 d9044d5f823661f4a1ef11c47971d6e2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 3584768 6ff8221347684a334d6f358d2c8f2dcc\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 6802070 e489c87976c243d040f568a8e04a7466\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 351056 dd61fc5b425e296ef00120b4cfbc5604\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 68552 819703fc0550ee6473572ea3655ab1f5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 84224 f3915220a86a6a31e48b845d2af7f249\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 222376 cb0563f3e5220ceb6f42b8e6471eb883\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 49349776 4037a4ab7eeb964c24c95fbb905edbe6\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb\n Size/MD5 checksum: 815334 c055e242c82b7643c67712602e4f3215\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 822978 f8609edb961b6c71732c17575393644a\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 6962470 fc143ac75279405ef99a3e045439adeb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 3583846 db81fc2e4c8a30fbaf0b176f6d7e77a5\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 142446 016a6aa2efa9e49788c97bc925d90bbb\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 353294 65f40d8a434c6b430685ef1a54246888\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 50182030 97009b62c3d65b5e715f363d7a5a2e0c\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 223380 30fd707dea85e43894c84036115920a3\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 70694 e5892c32e9850d86138ebf15ad317b63\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb\n Size/MD5 checksum: 84758 a94402fed374f82a1ffeb338cb2a4cbb\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 223614 ea284c98cc97b10b879d6174b81cb486\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 899460 290c89b8835d773b8fd240f5610dc63c\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 72280 1d32724f444212696e28d15dc22386af\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 413386 e78a2aabb581f3f7f8da9cb531d6a883\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 158762 89855347fdf8833df8fd643cfd6a2f10\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 51267722 b51b03ef591a26a4bb72fb0c58e610c0\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 3632562 2d9a207f01319a7bd8f3eb72b3762c77\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 9523510 0f38b76b0074881d4b12823eedc40846\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb\n Size/MD5 checksum: 106998 32d701f55bd4cc6e0f7160c3b5db43aa\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 49553140 cd9fb750075df895e2ad46a8fe4c8bdf\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 852228 f04ee6f2c26e9bda77477d64a13f3c53\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 79554 e69019a20fc3e8750faf73961cae8a38\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 224454 c7e441828615fa66d9907b6407a2b1ad\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 351828 85e4711445491850841c2f05102f2bd2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 6609818 b99e5d5f75686adcea1c3570fb82ead5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 3573826 2869c274453928b8b110d8aee7dcba96\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 142966 847a37421b7980378c81c5e818c2df3d\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb\n Size/MD5 checksum: 68968 1eee7343caee6a8a23a141bf6b653fa4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 224078 a9dc6949ac6ef39884d1cb58929e20fc\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 3693822 602f37b927bc425803730a66d17e8bec\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 542370 6015bef0d96154f73c32b2031c8bbf70\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 77166 1a94ec379b6e210cf35c1116939fc5f7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 813100 d0cdc640bf4a68973942cf563b7f7d7b\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 181192 54ef9505c0b0a0b62539dc3d983a8f83\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 11340432 b833d183a5337231c512aba60e733213\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 49734538 21b8086eb33e228f4a3800307a721558\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb\n Size/MD5 checksum: 121688 1e8f51c8c5d1097d5c0e4b8fd6743ec7\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 3611102 8f2980b314f14ff7cf1c244ed11ee638\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 145574 f38aa4d16323e517d075d1de833a7a35\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 380888 73bf50fdf8fd49a2251f3c13db9e0a2c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 7677088 d034f72357eb3276850bea226dfc3489\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 96932 9c55e0f731b1a507e77abb54ea7c2b08\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 223126 cc6d3e47d51d4a15cd05ef6af47560c2\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 51902590 b9cafda15eba1ae28b5b054bd82e9d62\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 919306 764f458b99647036fbdb1b36768e9b99\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb\n Size/MD5 checksum: 70412 c674d096e73e7f353733e502bbc9cd05\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 378984 c66e5ff8815e2386755ece9c9a34b820\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 50034074 88479753fa54a417df183b78d0bb6ed1\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 145324 a801aeefc7fbf555ab407eaeb4c35295\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 70170 3145be02d89d6e205de5d89b269b9d8d\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 3311114 4dac1eff7f53b49976d984606e76afe6\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 900836 6727b545324904a39f31261db59f516b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 97046 2953be8b2d4df3994abd68d6f95de215\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 7384772 6666f68f98fa2cc81d9e3106c958360b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb\n Size/MD5 checksum: 223416 a3ad25d92dc8f8e09352bc1fbce07989\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 95068 18f76fe7d470194c6320df8b42e7b09b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 888120 b426372622e1ac0164db3f25589a5447\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 152544 e3b9205b45b66a3fcf4937c44897a7d8\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 3285670 a63c4ce33c3f482584b32cfe50488700\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 7287440 f9d042196ccedd4dfb4da6d3e45ca2b1\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 51458688 a669258d296192b6bd48b68006f9b618\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 223412 b900b19a182c059590bfcdb9495851ef\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 73306 94fdad8b176e63c0c791d19a026ce4b0\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb\n Size/MD5 checksum: 362778 79f1ea4633cf0147da60871533750312\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 156410 6e986f5714d7052295a32253daea02a9\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 73182 f3b9b343586f554ac37e5c7c8970a28a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 407006 5919961e64253609b9eacc6a31a19b87\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 8401766 a23f6d0b7ac0b83997635feff3977ac2\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 223402 f08c12d85314436f6331b75e2e18b1c7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 909824 8c8c3aa62be4c19e97351562dcbe1694\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 3308768 50226e505e97362404ffbe3e770775fe\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 105828 1e5fc5d7be3c5ab803dd71e8391c06bb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb\n Size/MD5 checksum: 51242096 ebae3e5b1eb3fd2d9470cbe117b8ced9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 49406432 caf251c788fe4f76679f600bd1d7b1c0\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 70192 33434a3b887ac076d88c0a4e425b3c29\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 144136 359a3cac1ee340f79eb9a53ac65f62ed\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 7181582 4b0f8aaf9a51e7c76073afbb7ea33c6e\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 3583844 11cb9b988b9eac3564f11ed310a8d77e\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 84544 0646f157f384a6a1ffcc3052035d1789\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 350470 1c643effc57e45c6afc964f2284cda7e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 223260 77281a13fcc78aacd93cf479621ccf74\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb\n Size/MD5 checksum: 821854 32eba751571daa1dcd4db30e7a3b7b2c\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. If the graphics file provides an extra graphics row that is higher than the height reported in the header, this overflow can be triggered, resulting in arbitrary code execution; in addition, when processing a certain There may be a memory leak when some sCAL blocks are used, and specially crafted PNG graphics may cause a denial of service. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201301-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Mozilla Products: Multiple vulnerabilities\n Date: January 08, 2013\n Bugs: #180159, #181361, #207261, #238535, #246602, #251322,\n #255221, #255234, #255687, #257577, #260062, #261386,\n #262704, #267234, #273918, #277752, #280226, #280234,\n #280393, #282549, #284439, #286721, #290892, #292034,\n #297532, #305689, #307045, #311021, #312361, #312645,\n #312651, #312675, #312679, #312763, #313003, #324735,\n #326341, #329279, #336396, #341821, #342847, #348316,\n #357057, #360055, #360315, #365323, #373595, #379549,\n #381245, #388045, #390771, #395431, #401701, #403183,\n #404437, #408161, #413657, #419917, #427224, #433383,\n #437780, #439586, #439960, #444318\n ID: 201301-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Mozilla Firefox,\nThunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which\nmay allow execution of arbitrary code or local privilege escalation. \n\nBackground\n==========\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird\nan open-source email client, both from the Mozilla Project. The\nSeaMonkey project is a community effort to deliver production-quality\nreleases of code derived from the application formerly known as the\n\u0027Mozilla Application Suite\u0027. XULRunner is a Mozilla runtime package\nthat can be used to bootstrap XUL+XPCOM applications such as Firefox\nand Thunderbird. NSS is Mozilla\u0027s Network Security Services library\nthat implements PKI support. IceCat is the GNU version of Firefox. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/firefox \u003c 10.0.11 \u003e= 10.0.11\n 2 www-client/firefox-bin \u003c 10.0.11 \u003e= 10.0.11\n 3 mail-client/thunderbird \u003c 10.0.11 \u003e= 10.0.11\n 4 mail-client/thunderbird-bin\n \u003c 10.0.11 \u003e= 10.0.11\n 5 www-client/seamonkey \u003c 2.14-r1 \u003e= 2.14-r1\n 6 www-client/seamonkey-bin\n \u003c 2.14 \u003e= 2.14\n 7 dev-libs/nss \u003c 3.14 \u003e= 3.14\n 8 www-client/mozilla-firefox\n \u003c= 3.6.8 Vulnerable!\n 9 www-client/mozilla-firefox-bin\n \u003c= 3.5.6 Vulnerable!\n 10 mail-client/mozilla-thunderbird\n \u003c= 3.0.4-r1 Vulnerable!\n 11 mail-client/mozilla-thunderbird-bin\n \u003c= 3.0 Vulnerable!\n 12 www-client/icecat \u003c= 10.0-r1 Vulnerable!\n 13 net-libs/xulrunner \u003c= 2.0-r1 Vulnerable!\n 14 net-libs/xulrunner-bin \u003c= 1.8.1.19 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n 14 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox,\nThunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review\nthe CVE identifiers referenced below for details. Furthermore, a remote attacker may be able\nto perform Man-in-the-Middle attacks, obtain sensitive information,\nbypass restrictions and protection mechanisms, force file downloads,\nconduct XML injection attacks, conduct XSS attacks, bypass the Same\nOrigin Policy, spoof URL\u0027s for phishing attacks, trigger a vertical\nscroll, spoof the location bar, spoof an SSL indicator, modify the\nbrowser\u0027s font, conduct clickjacking attacks, or have other unspecified\nimpact. \n\nA local attacker could gain escalated privileges, obtain sensitive\ninformation, or replace an arbitrary downloaded file. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-10.0.11\"\n\nAll users of the Mozilla Firefox binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-bin-10.0.11\"=\n\n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-10.0.11\"\n\nAll users of the Mozilla Thunderbird binary package should upgrade to\nthe latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-bin-10.0.11\"\n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-2.14-r1\"\n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/seamonkey-bin-2.14\"\n\nAll NSS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/nss-3.14\"\n\nThe \"www-client/mozilla-firefox\" package has been merged into the\n\"www-client/firefox\" package. To upgrade, please unmerge\n\"www-client/mozilla-firefox\" and then emerge the latest\n\"www-client/firefox\" package:\n\n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-10.0.11\"\n\nThe \"www-client/mozilla-firefox-bin\" package has been merged into the\n\"www-client/firefox-bin\" package. To upgrade, please unmerge\n\"www-client/mozilla-firefox-bin\" and then emerge the latest\n\"www-client/firefox-bin\" package:\n\n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \"\u003e=www-client/firefox-bin-10.0.11\"=\n\n\nThe \"mail-client/mozilla-thunderbird\" package has been merged into the\n\"mail-client/thunderbird\" package. To upgrade, please unmerge\n\"mail-client/mozilla-thunderbird\" and then emerge the latest\n\"mail-client/thunderbird\" package:\n\n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-10.0.11\"\n\nThe \"mail-client/mozilla-thunderbird-bin\" package has been merged into\nthe \"mail-client/thunderbird-bin\" package. To upgrade, please unmerge\n\"mail-client/mozilla-thunderbird-bin\" and then emerge the latest\n\"mail-client/thunderbird-bin\" package:\n\n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot -v \"\u003e=mail-client/thunderbird-bin-10.0.11\"\n\nGentoo discontinued support for GNU IceCat. We recommend that users\nunmerge GNU IceCat:\n\n # emerge --unmerge \"www-client/icecat\"\n\nGentoo discontinued support for XULRunner. We recommend that users\nunmerge XULRunner:\n\n # emerge --unmerge \"net-libs/xulrunner\"\n\nGentoo discontinued support for the XULRunner binary package. We\nrecommend that users unmerge XULRunner:\n\n # emerge --unmerge \"net-libs/xulrunner-bin\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-3101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3101\n[ 2 ] CVE-2007-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2436\n[ 3 ] CVE-2007-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2437\n[ 4 ] CVE-2007-2671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2671\n[ 5 ] CVE-2007-3073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3073\n[ 6 ] CVE-2008-0016\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0016\n[ 7 ] CVE-2008-0017\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0017\n[ 8 ] CVE-2008-0367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0367\n[ 9 ] CVE-2008-3835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3835\n[ 10 ] CVE-2008-3836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3836\n[ 11 ] CVE-2008-3837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3837\n[ 12 ] CVE-2008-4058\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4058\n[ 13 ] CVE-2008-4059\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4059\n[ 14 ] CVE-2008-4060\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4060\n[ 15 ] CVE-2008-4061\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4061\n[ 16 ] CVE-2008-4062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4062\n[ 17 ] CVE-2008-4063\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4063\n[ 18 ] CVE-2008-4064\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4064\n[ 19 ] CVE-2008-4065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4065\n[ 20 ] CVE-2008-4066\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4066\n[ 21 ] CVE-2008-4067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4067\n[ 22 ] CVE-2008-4068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4068\n[ 23 ] CVE-2008-4069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4069\n[ 24 ] CVE-2008-4070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4070\n[ 25 ] CVE-2008-4582\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4582\n[ 26 ] CVE-2008-5012\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5012\n[ 27 ] CVE-2008-5013\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5013\n[ 28 ] CVE-2008-5014\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5014\n[ 29 ] CVE-2008-5015\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5015\n[ 30 ] CVE-2008-5016\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5016\n[ 31 ] CVE-2008-5017\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5017\n[ 32 ] CVE-2008-5018\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5018\n[ 33 ] CVE-2008-5019\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5019\n[ 34 ] CVE-2008-5021\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5021\n[ 35 ] CVE-2008-5022\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5022\n[ 36 ] CVE-2008-5023\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5023\n[ 37 ] CVE-2008-5024\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5024\n[ 38 ] CVE-2008-5052\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5052\n[ 39 ] CVE-2008-5500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5500\n[ 40 ] CVE-2008-5501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5501\n[ 41 ] CVE-2008-5502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5502\n[ 42 ] CVE-2008-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5503\n[ 43 ] CVE-2008-5504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5504\n[ 44 ] CVE-2008-5505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5505\n[ 45 ] CVE-2008-5506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5506\n[ 46 ] CVE-2008-5507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5507\n[ 47 ] CVE-2008-5508\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5508\n[ 48 ] CVE-2008-5510\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5510\n[ 49 ] CVE-2008-5511\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5511\n[ 50 ] CVE-2008-5512\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5512\n[ 51 ] CVE-2008-5513\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5513\n[ 52 ] CVE-2008-5822\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822\n[ 53 ] CVE-2008-5913\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913\n[ 54 ] CVE-2008-6961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6961\n[ 55 ] CVE-2009-0071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071\n[ 56 ] CVE-2009-0071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071\n[ 57 ] CVE-2009-0352\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0352\n[ 58 ] CVE-2009-0353\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0353\n[ 59 ] CVE-2009-0354\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0354\n[ 60 ] CVE-2009-0355\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0355\n[ 61 ] CVE-2009-0356\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0356\n[ 62 ] CVE-2009-0357\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0357\n[ 63 ] CVE-2009-0358\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0358\n[ 64 ] CVE-2009-0652\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0652\n[ 65 ] CVE-2009-0771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771\n[ 66 ] CVE-2009-0772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772\n[ 67 ] CVE-2009-0773\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773\n[ 68 ] CVE-2009-0774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774\n[ 69 ] CVE-2009-0775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775\n[ 70 ] CVE-2009-0776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776\n[ 71 ] CVE-2009-0777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777\n[ 72 ] CVE-2009-1044\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1044\n[ 73 ] CVE-2009-1169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1169\n[ 74 ] CVE-2009-1302\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302\n[ 75 ] CVE-2009-1303\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303\n[ 76 ] CVE-2009-1304\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304\n[ 77 ] CVE-2009-1305\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305\n[ 78 ] CVE-2009-1306\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306\n[ 79 ] CVE-2009-1307\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307\n[ 80 ] CVE-2009-1308\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308\n[ 81 ] CVE-2009-1309\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309\n[ 82 ] CVE-2009-1310\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310\n[ 83 ] CVE-2009-1311\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311\n[ 84 ] CVE-2009-1312\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312\n[ 85 ] CVE-2009-1313\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313\n[ 86 ] CVE-2009-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1392\n[ 87 ] CVE-2009-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1563\n[ 88 ] CVE-2009-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1571\n[ 89 ] CVE-2009-1828\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1828\n[ 90 ] CVE-2009-1832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1832\n[ 91 ] CVE-2009-1833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1833\n[ 92 ] CVE-2009-1834\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1834\n[ 93 ] CVE-2009-1835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1835\n[ 94 ] CVE-2009-1836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1836\n[ 95 ] CVE-2009-1837\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837\n[ 96 ] CVE-2009-1838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1838\n[ 97 ] CVE-2009-1839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1839\n[ 98 ] CVE-2009-1840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1840\n[ 99 ] CVE-2009-1841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1841\n[ 100 ] CVE-2009-2043\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2043\n[ 101 ] CVE-2009-2044\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2044\n[ 102 ] CVE-2009-2061\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2061\n[ 103 ] CVE-2009-2065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2065\n[ 104 ] CVE-2009-2210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2210\n[ 105 ] CVE-2009-2404\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2404\n[ 106 ] CVE-2009-2408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2408\n[ 107 ] CVE-2009-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2462\n[ 108 ] CVE-2009-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2463\n[ 109 ] CVE-2009-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2464\n[ 110 ] CVE-2009-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2465\n[ 111 ] CVE-2009-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2466\n[ 112 ] CVE-2009-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2467\n[ 113 ] CVE-2009-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2469\n[ 114 ] CVE-2009-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2470\n[ 115 ] CVE-2009-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2471\n[ 116 ] CVE-2009-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2472\n[ 117 ] CVE-2009-2477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2477\n[ 118 ] CVE-2009-2478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2478\n[ 119 ] CVE-2009-2479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2479\n[ 120 ] CVE-2009-2535\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535\n[ 121 ] CVE-2009-2654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654\n[ 122 ] CVE-2009-2662\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2662\n[ 123 ] CVE-2009-2664\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2664\n[ 124 ] CVE-2009-2665\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665\n[ 125 ] CVE-2009-3069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3069\n[ 126 ] CVE-2009-3070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3070\n[ 127 ] CVE-2009-3071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3071\n[ 128 ] CVE-2009-3072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3072\n[ 129 ] CVE-2009-3074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3074\n[ 130 ] CVE-2009-3075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3075\n[ 131 ] CVE-2009-3076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3076\n[ 132 ] CVE-2009-3077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3077\n[ 133 ] CVE-2009-3078\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3078\n[ 134 ] CVE-2009-3079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3079\n[ 135 ] CVE-2009-3274\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3274\n[ 136 ] CVE-2009-3371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3371\n[ 137 ] CVE-2009-3372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3372\n[ 138 ] CVE-2009-3373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3373\n[ 139 ] CVE-2009-3374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3374\n[ 140 ] CVE-2009-3375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3375\n[ 141 ] CVE-2009-3376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3376\n[ 142 ] CVE-2009-3377\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3377\n[ 143 ] CVE-2009-3378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3378\n[ 144 ] CVE-2009-3379\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3379\n[ 145 ] CVE-2009-3380\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3380\n[ 146 ] CVE-2009-3381\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3381\n[ 147 ] CVE-2009-3382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3382\n[ 148 ] CVE-2009-3383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3383\n[ 149 ] CVE-2009-3388\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3388\n[ 150 ] CVE-2009-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3389\n[ 151 ] CVE-2009-3555\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555\n[ 152 ] CVE-2009-3978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3978\n[ 153 ] CVE-2009-3979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3979\n[ 154 ] CVE-2009-3980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3980\n[ 155 ] CVE-2009-3981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3981\n[ 156 ] CVE-2009-3982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3982\n[ 157 ] CVE-2009-3983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3983\n[ 158 ] CVE-2009-3984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3984\n[ 159 ] CVE-2009-3985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3985\n[ 160 ] CVE-2009-3986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3986\n[ 161 ] CVE-2009-3987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3987\n[ 162 ] CVE-2009-3988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3988\n[ 163 ] CVE-2010-0159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0159\n[ 164 ] CVE-2010-0160\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0160\n[ 165 ] CVE-2010-0162\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0162\n[ 166 ] CVE-2010-0163\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163\n[ 167 ] CVE-2010-0164\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0164\n[ 168 ] CVE-2010-0165\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0165\n[ 169 ] CVE-2010-0166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0166\n[ 170 ] CVE-2010-0167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167\n[ 171 ] CVE-2010-0167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0167\n[ 172 ] CVE-2010-0168\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0168\n[ 173 ] CVE-2010-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169\n[ 174 ] CVE-2010-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0169\n[ 175 ] CVE-2010-0170\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0170\n[ 176 ] CVE-2010-0171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171\n[ 177 ] CVE-2010-0171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0171\n[ 178 ] CVE-2010-0172\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0172\n[ 179 ] CVE-2010-0173\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0173\n[ 180 ] CVE-2010-0174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174\n[ 181 ] CVE-2010-0174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174\n[ 182 ] CVE-2010-0175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175\n[ 183 ] CVE-2010-0175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175\n[ 184 ] CVE-2010-0176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176\n[ 185 ] CVE-2010-0176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176\n[ 186 ] CVE-2010-0177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177\n[ 187 ] CVE-2010-0178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178\n[ 188 ] CVE-2010-0179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179\n[ 189 ] CVE-2010-0181\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181\n[ 190 ] CVE-2010-0182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0182\n[ 191 ] CVE-2010-0183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183\n[ 192 ] CVE-2010-0220\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0220\n[ 193 ] CVE-2010-0648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0648\n[ 194 ] CVE-2010-0654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0654\n[ 195 ] CVE-2010-1028\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1028\n[ 196 ] CVE-2010-1121\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1121\n[ 197 ] CVE-2010-1125\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125\n[ 198 ] CVE-2010-1196\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196\n[ 199 ] CVE-2010-1197\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197\n[ 200 ] CVE-2010-1198\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198\n[ 201 ] CVE-2010-1199\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199\n[ 202 ] CVE-2010-1200\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200\n[ 203 ] CVE-2010-1201\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201\n[ 204 ] CVE-2010-1202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202\n[ 205 ] CVE-2010-1203\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203\n[ 206 ] CVE-2010-1205\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205\n[ 207 ] CVE-2010-1206\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1206\n[ 208 ] CVE-2010-1207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1207\n[ 209 ] CVE-2010-1208\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1208\n[ 210 ] CVE-2010-1209\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1209\n[ 211 ] CVE-2010-1210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1210\n[ 212 ] CVE-2010-1211\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1211\n[ 213 ] CVE-2010-1212\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1212\n[ 214 ] CVE-2010-1213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1213\n[ 215 ] CVE-2010-1214\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1214\n[ 216 ] CVE-2010-1215\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1215\n[ 217 ] CVE-2010-1585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1585\n[ 218 ] CVE-2010-2751\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2751\n[ 219 ] CVE-2010-2752\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2752\n[ 220 ] CVE-2010-2753\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2753\n[ 221 ] CVE-2010-2754\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2754\n[ 222 ] CVE-2010-2755\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2755\n[ 223 ] CVE-2010-2760\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2760\n[ 224 ] CVE-2010-2762\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2762\n[ 225 ] CVE-2010-2763\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2763\n[ 226 ] CVE-2010-2764\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2764\n[ 227 ] CVE-2010-2765\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2765\n[ 228 ] CVE-2010-2766\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2766\n[ 229 ] CVE-2010-2767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2767\n[ 230 ] CVE-2010-2768\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2768\n[ 231 ] CVE-2010-2769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2769\n[ 232 ] CVE-2010-2770\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2770\n[ 233 ] CVE-2010-3131\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3131\n[ 234 ] CVE-2010-3166\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3166\n[ 235 ] CVE-2010-3167\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3167\n[ 236 ] CVE-2010-3168\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3168\n[ 237 ] CVE-2010-3169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3169\n[ 238 ] CVE-2010-3170\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3170\n[ 239 ] CVE-2010-3171\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171\n[ 240 ] CVE-2010-3173\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3173\n[ 241 ] CVE-2010-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3174\n[ 242 ] CVE-2010-3175\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3175\n[ 243 ] CVE-2010-3176\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3176\n[ 244 ] CVE-2010-3177\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3177\n[ 245 ] CVE-2010-3178\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3178\n[ 246 ] CVE-2010-3179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3179\n[ 247 ] CVE-2010-3180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3180\n[ 248 ] CVE-2010-3182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3182\n[ 249 ] CVE-2010-3183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3183\n[ 250 ] CVE-2010-3399\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3399\n[ 251 ] CVE-2010-3400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400\n[ 252 ] CVE-2010-3765\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3765\n[ 253 ] CVE-2010-3766\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3766\n[ 254 ] CVE-2010-3767\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3767\n[ 255 ] CVE-2010-3768\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3768\n[ 256 ] CVE-2010-3769\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3769\n[ 257 ] CVE-2010-3770\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3770\n[ 258 ] CVE-2010-3771\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3771\n[ 259 ] CVE-2010-3772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3772\n[ 260 ] CVE-2010-3773\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3773\n[ 261 ] CVE-2010-3774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3774\n[ 262 ] CVE-2010-3775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3775\n[ 263 ] CVE-2010-3776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3776\n[ 264 ] CVE-2010-3777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3777\n[ 265 ] CVE-2010-3778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3778\n[ 266 ] CVE-2010-4508\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4508\n[ 267 ] CVE-2010-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-5074\n[ 268 ] CVE-2011-0051\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0051\n[ 269 ] CVE-2011-0053\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0053\n[ 270 ] CVE-2011-0054\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0054\n[ 271 ] CVE-2011-0055\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0055\n[ 272 ] CVE-2011-0056\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0056\n[ 273 ] CVE-2011-0057\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0057\n[ 274 ] CVE-2011-0058\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0058\n[ 275 ] CVE-2011-0059\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0059\n[ 276 ] CVE-2011-0061\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0061\n[ 277 ] CVE-2011-0062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0062\n[ 278 ] CVE-2011-0065\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0065\n[ 279 ] CVE-2011-0066\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0066\n[ 280 ] CVE-2011-0067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0067\n[ 281 ] CVE-2011-0068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0068\n[ 282 ] CVE-2011-0069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0069\n[ 283 ] CVE-2011-0070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0070\n[ 284 ] CVE-2011-0071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0071\n[ 285 ] CVE-2011-0072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0072\n[ 286 ] CVE-2011-0073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0073\n[ 287 ] CVE-2011-0074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0074\n[ 288 ] CVE-2011-0075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0075\n[ 289 ] CVE-2011-0076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0076\n[ 290 ] CVE-2011-0077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0077\n[ 291 ] CVE-2011-0078\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0078\n[ 292 ] CVE-2011-0079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0079\n[ 293 ] CVE-2011-0080\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0080\n[ 294 ] CVE-2011-0081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0081\n[ 295 ] CVE-2011-0082\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0082\n[ 296 ] CVE-2011-0083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0083\n[ 297 ] CVE-2011-0084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0084\n[ 298 ] CVE-2011-0085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0085\n[ 299 ] CVE-2011-1187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1187\n[ 300 ] CVE-2011-1202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1202\n[ 301 ] CVE-2011-1712\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1712\n[ 302 ] CVE-2011-2362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2362\n[ 303 ] CVE-2011-2363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2363\n[ 304 ] CVE-2011-2364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2364\n[ 305 ] CVE-2011-2365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2365\n[ 306 ] CVE-2011-2369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2369\n[ 307 ] CVE-2011-2370\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2370\n[ 308 ] CVE-2011-2371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2371\n[ 309 ] CVE-2011-2372\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2372\n[ 310 ] CVE-2011-2373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2373\n[ 311 ] CVE-2011-2374\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2374\n[ 312 ] CVE-2011-2375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2375\n[ 313 ] CVE-2011-2376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2376\n[ 314 ] CVE-2011-2377\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2377\n[ 315 ] CVE-2011-2378\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2378\n[ 316 ] CVE-2011-2605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2605\n[ 317 ] CVE-2011-2980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2980\n[ 318 ] CVE-2011-2981\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2981\n[ 319 ] CVE-2011-2982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2982\n[ 320 ] CVE-2011-2983\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2983\n[ 321 ] CVE-2011-2984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2984\n[ 322 ] CVE-2011-2985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2985\n[ 323 ] CVE-2011-2986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2986\n[ 324 ] CVE-2011-2987\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2987\n[ 325 ] CVE-2011-2988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2988\n[ 326 ] CVE-2011-2989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2989\n[ 327 ] CVE-2011-2990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2990\n[ 328 ] CVE-2011-2991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2991\n[ 329 ] CVE-2011-2993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2993\n[ 330 ] CVE-2011-2995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2995\n[ 331 ] CVE-2011-2996\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2996\n[ 332 ] CVE-2011-2997\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2997\n[ 333 ] CVE-2011-2998\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2998\n[ 334 ] CVE-2011-2999\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2999\n[ 335 ] CVE-2011-3000\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3000\n[ 336 ] CVE-2011-3001\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3001\n[ 337 ] CVE-2011-3002\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3002\n[ 338 ] CVE-2011-3003\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3003\n[ 339 ] CVE-2011-3004\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3004\n[ 340 ] CVE-2011-3005\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3005\n[ 341 ] CVE-2011-3026\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026\n[ 342 ] CVE-2011-3062\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3062\n[ 343 ] CVE-2011-3232\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3232\n[ 344 ] CVE-2011-3389\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389\n[ 345 ] CVE-2011-3640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3640\n[ 346 ] CVE-2011-3647\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647\n[ 347 ] CVE-2011-3648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3648\n[ 348 ] CVE-2011-3649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3649\n[ 349 ] CVE-2011-3650\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3650\n[ 350 ] CVE-2011-3651\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3651\n[ 351 ] CVE-2011-3652\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3652\n[ 352 ] CVE-2011-3653\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3653\n[ 353 ] CVE-2011-3654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3654\n[ 354 ] CVE-2011-3655\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3655\n[ 355 ] CVE-2011-3658\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3658\n[ 356 ] CVE-2011-3659\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3659\n[ 357 ] CVE-2011-3660\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3660\n[ 358 ] CVE-2011-3661\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3661\n[ 359 ] CVE-2011-3663\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3663\n[ 360 ] CVE-2011-3665\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3665\n[ 361 ] CVE-2011-3670\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3670\n[ 362 ] CVE-2011-3866\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3866\n[ 363 ] CVE-2011-4688\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4688\n[ 364 ] CVE-2012-0441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0441\n[ 365 ] CVE-2012-0442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0442\n[ 366 ] CVE-2012-0443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0443\n[ 367 ] CVE-2012-0444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0444\n[ 368 ] CVE-2012-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0445\n[ 369 ] CVE-2012-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0446\n[ 370 ] CVE-2012-0447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0447\n[ 371 ] CVE-2012-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0449\n[ 372 ] CVE-2012-0450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0450\n[ 373 ] CVE-2012-0451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0451\n[ 374 ] CVE-2012-0452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0452\n[ 375 ] CVE-2012-0455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0455\n[ 376 ] CVE-2012-0456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0456\n[ 377 ] CVE-2012-0457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0457\n[ 378 ] CVE-2012-0458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0458\n[ 379 ] CVE-2012-0459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0459\n[ 380 ] CVE-2012-0460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0460\n[ 381 ] CVE-2012-0461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0461\n[ 382 ] CVE-2012-0462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0462\n[ 383 ] CVE-2012-0463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0463\n[ 384 ] CVE-2012-0464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0464\n[ 385 ] CVE-2012-0467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0467\n[ 386 ] CVE-2012-0468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0468\n[ 387 ] CVE-2012-0469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0469\n[ 388 ] CVE-2012-0470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0470\n[ 389 ] CVE-2012-0471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0471\n[ 390 ] CVE-2012-0473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0473\n[ 391 ] CVE-2012-0474\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0474\n[ 392 ] CVE-2012-0475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0475\n[ 393 ] CVE-2012-0477\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0477\n[ 394 ] CVE-2012-0478\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0478\n[ 395 ] CVE-2012-0479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0479\n[ 396 ] CVE-2012-1937\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1937\n[ 397 ] CVE-2012-1938\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1938\n[ 398 ] CVE-2012-1939\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1939\n[ 399 ] CVE-2012-1940\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1940\n[ 400 ] CVE-2012-1941\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1941\n[ 401 ] CVE-2012-1945\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1945\n[ 402 ] CVE-2012-1946\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1946\n[ 403 ] CVE-2012-1947\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1947\n[ 404 ] CVE-2012-1948\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1948\n[ 405 ] CVE-2012-1949\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1949\n[ 406 ] CVE-2012-1950\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1950\n[ 407 ] CVE-2012-1951\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1951\n[ 408 ] CVE-2012-1952\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1952\n[ 409 ] CVE-2012-1953\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1953\n[ 410 ] CVE-2012-1954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1954\n[ 411 ] CVE-2012-1955\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1955\n[ 412 ] CVE-2012-1956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1956\n[ 413 ] CVE-2012-1957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1957\n[ 414 ] CVE-2012-1958\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1958\n[ 415 ] CVE-2012-1959\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1959\n[ 416 ] CVE-2012-1960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1960\n[ 417 ] CVE-2012-1961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1961\n[ 418 ] CVE-2012-1962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1962\n[ 419 ] CVE-2012-1963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1963\n[ 420 ] CVE-2012-1964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1964\n[ 421 ] CVE-2012-1965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1965\n[ 422 ] CVE-2012-1966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1966\n[ 423 ] CVE-2012-1967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1967\n[ 424 ] CVE-2012-1970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1970\n[ 425 ] CVE-2012-1971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1971\n[ 426 ] CVE-2012-1972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1972\n[ 427 ] CVE-2012-1973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1973\n[ 428 ] CVE-2012-1974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1974\n[ 429 ] CVE-2012-1975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1975\n[ 430 ] CVE-2012-1976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1976\n[ 431 ] CVE-2012-1994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1994\n[ 432 ] CVE-2012-3956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3956\n[ 433 ] CVE-2012-3957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3957\n[ 434 ] CVE-2012-3958\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3958\n[ 435 ] CVE-2012-3959\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3959\n[ 436 ] CVE-2012-3960\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3960\n[ 437 ] CVE-2012-3961\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3961\n[ 438 ] CVE-2012-3962\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3962\n[ 439 ] CVE-2012-3963\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3963\n[ 440 ] CVE-2012-3964\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3964\n[ 441 ] CVE-2012-3965\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3965\n[ 442 ] CVE-2012-3966\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3966\n[ 443 ] CVE-2012-3967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3967\n[ 444 ] CVE-2012-3968\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3968\n[ 445 ] CVE-2012-3969\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3969\n[ 446 ] CVE-2012-3970\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3970\n[ 447 ] CVE-2012-3971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3971\n[ 448 ] CVE-2012-3972\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3972\n[ 449 ] CVE-2012-3973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3973\n[ 450 ] CVE-2012-3975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3975\n[ 451 ] CVE-2012-3976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3976\n[ 452 ] CVE-2012-3977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3977\n[ 453 ] CVE-2012-3978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3978\n[ 454 ] CVE-2012-3980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3980\n[ 455 ] CVE-2012-3982\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3982\n[ 456 ] CVE-2012-3984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3984\n[ 457 ] CVE-2012-3985\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3985\n[ 458 ] CVE-2012-3986\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3986\n[ 459 ] CVE-2012-3988\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3988\n[ 460 ] CVE-2012-3989\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3989\n[ 461 ] CVE-2012-3990\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3990\n[ 462 ] CVE-2012-3991\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3991\n[ 463 ] CVE-2012-3992\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3992\n[ 464 ] CVE-2012-3993\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3993\n[ 465 ] CVE-2012-3994\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3994\n[ 466 ] CVE-2012-3995\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3995\n[ 467 ] CVE-2012-4179\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4179\n[ 468 ] CVE-2012-4180\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4180\n[ 469 ] CVE-2012-4181\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4181\n[ 470 ] CVE-2012-4182\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4182\n[ 471 ] CVE-2012-4183\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4183\n[ 472 ] CVE-2012-4184\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4184\n[ 473 ] CVE-2012-4185\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4185\n[ 474 ] CVE-2012-4186\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4186\n[ 475 ] CVE-2012-4187\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4187\n[ 476 ] CVE-2012-4188\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4188\n[ 477 ] CVE-2012-4190\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4190\n[ 478 ] CVE-2012-4191\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4191\n[ 479 ] CVE-2012-4192\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4192\n[ 480 ] CVE-2012-4193\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4193\n[ 481 ] CVE-2012-4194\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4194\n[ 482 ] CVE-2012-4195\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4195\n[ 483 ] CVE-2012-4196\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4196\n[ 484 ] CVE-2012-4201\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4201\n[ 485 ] CVE-2012-4202\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4202\n[ 486 ] CVE-2012-4204\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4204\n[ 487 ] CVE-2012-4205\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4205\n[ 488 ] CVE-2012-4206\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4206\n[ 489 ] CVE-2012-4207\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4207\n[ 490 ] CVE-2012-4208\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4208\n[ 491 ] CVE-2012-4209\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4209\n[ 492 ] CVE-2012-4210\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4210\n[ 493 ] CVE-2012-4212\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4212\n[ 494 ] CVE-2012-4215\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4215\n[ 495 ] CVE-2012-4216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4216\n[ 496 ] CVE-2012-5354\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5354\n[ 497 ] CVE-2012-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5829\n[ 498 ] CVE-2012-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5830\n[ 499 ] CVE-2012-5833\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5833\n[ 500 ] CVE-2012-5835\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5835\n[ 501 ] CVE-2012-5836\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5836\n[ 502 ] CVE-2012-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5838\n[ 503 ] CVE-2012-5839\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5839\n[ 504 ] CVE-2012-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5840\n[ 505 ] CVE-2012-5841\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5841\n[ 506 ] CVE-2012-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5842\n[ 507 ] CVE-2012-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5843\n[ 508 ] Firefox Blocking Fraudulent Certificates\n\nhttp://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c=\nertificates/\n[ 509 ] Mozilla Foundation Security Advisory 2011-11\n http://www.mozilla.org/security/announce/2011/mfsa2011-11.html\n[ 510 ] Mozilla Foundation Security Advisory 2011-34\n http://www.mozilla.org/security/announce/2011/mfsa2011-34.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201301-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nBackground\n==========\n\nFor more information on the packages listed in this GLSA, please see\ntheir homepage referenced in the ebuild. \n\n* Insight\n* Perl Tk Module\n* Source-Navigator\n* Tk\n* Partimage\n* Mlmmj\n* acl\n* Xinit\n* gzip\n* ncompress\n* liblzw\n* splashutils\n* GNU M4\n* KDE Display Manager\n* GTK+\n* KGet\n* dvipng\n* Beanstalk\n* Policy Mount\n* pam_krb5\n* GNU gv\n* LFTP\n* Uzbl\n* Slim\n* Bitdefender Console\n* iputils\n* DVBStreamer\n\nImpact\n======\n\nA context-dependent attacker may be able to gain escalated privileges,\nexecute arbitrary code, cause Denial of Service, obtain sensitive\ninformation, or otherwise bypass security restrictions. Updates for all affected architectures\nhave been available since 2011. It is likely that your system is\nalready no longer affected by these issues. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. ===========================================================\nUbuntu Security Notice USN-930-4 July 23, 2010\nfirefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities\nCVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125,\nCVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199,\nCVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203,\nCVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208,\nCVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212,\nCVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751,\nCVE-2010-2752, CVE-2010-2753, CVE-2010-2754\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 9.04:\n abrowser 3.6.7+build2+nobinonly-0ubuntu0.9.04.1\n firefox-3.0 3.6.7+build2+nobinonly-0ubuntu0.9.04.1\n xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2\n\nUbuntu 9.10:\n firefox-3.5 3.6.7+build2+nobinonly-0ubuntu0.9.10.1\n xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2\n\nMozilla has changed the support model for Firefox and they no longer\nsupport version 3.0 of the browser and will only support version 3.5 of the\nbrowser for a while longer. As a result, Ubuntu is providing an upgrade to\nFirefox 3.6 for Ubuntu 9.04 and 9.10 users, which is the most current\nstable release of Firefox supported by Mozilla. When upgrading, users\nshould be aware of the following:\n\n- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use\n icedtea6-plugin or sun-java6-plugin instead. \n- After upgrading to Firefox 3.6.6, users may be prompted to upgrade 3rd\n party Add-Ons. In some cases, an Add-On will not be compatible with\n Firefox 3.6.6 and have no update available. In these cases, Firefox will\n notify the user that it is disabling the Add-On. \n- Font configuration cannot be controlled via Gnome settings. This is a\n known issue being tracked in https://launchpad.net/bugs/559149 and will\n be fixed in a later update. \n- helix-player is not currently supported in Firefox 3.6. This is a known\n issue and may be fixed in a future update. \n- Plugins using external helpers (such as Totem) may not close when using\n the Epiphany browser. This is a known issue being tracked in\n https://launchpad.net/bugs/599796 and will be fixed in a later update. \n This issue only affects Ubuntu 9.04. \n- The OpenJDK java plugin is not available in Ubuntu 9.04 on Sparc\n hardware. This will be fixed in a future update. \n\nAfter a standard system upgrade you need to restart Firefox and any\napplications that use Xulrunner to effect the necessary changes. \n\nDetails follow:\n\nUSN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update\nprovides the corresponding updates for Ubuntu 9.04 and 9.10, along with\nadditional updates affecting Firefox 3.6.6. \n\nSeveral flaws were discovered in the browser engine of Firefox. If a user\nwere tricked into viewing a malicious site, a remote attacker could use\nthis to crash the browser or possibly run arbitrary code as the user\ninvoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin\nparameters. An attacker could exploit this to crash the browser or possibly\nrun arbitrary code as the user invoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were\ntricked into viewing a malicious site, a remote attacker code execute\narbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS values. An\nattacker could exploit this to crash the browser or possibly run arbitrary\ncode as the user invoking the program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL\n\u003ctree\u003e element. If a user were tricked into viewing a malicious site, a\nremote attacker could use this to crash the browser or possibly run\narbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain malformed\nPNG images. If a user were tricked into opening a crafted PNG file, an\nattacker could cause a denial of service or possibly execute arbitrary code\nwith the privileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin\ncheck in Firefox could be bypassed by utilizing the importScripts Web\nWorker method. If a user were tricked into viewing a malicious website, an\nattacker could exploit this to read data from other domains. \n(CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions within\ncertain 8 bit encodings. An attacker could utilize this to perform\ncross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no\ncontent) code. An attacker could exploit this to spoof the location bar,\nsuch as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a server\nresponds to an HTTPS request with plaintext and then processes JavaScript\nhistory events. An attacker could exploit this to spoof the location bar,\nsuch as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper CSS\nselectors. If a user were tricked into viewing a malicious website, an\nattacker could exploit this to read data from other domains. \n(CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script error\noutput. An attacker could use this to access URL parameters from other\ndomains. (CVE-2010-2754)\n\nOriginal advisory details:\n\n If was discovered that Firefox could be made to access freed memory. (CVE-2010-1121)\n \n Several flaws were discovered in the browser engine of Firefox. (CVE-2010-1200, CVE-2010-1201,\n CVE-2010-1202, CVE-2010-1203)\n \n A flaw was discovered in the way plugin instances interacted. An attacker\n could potentially exploit this and use one plugin to access freed memory from a\n second plugin to execute arbitrary code with the privileges of the user\n invoking the program. (CVE-2010-1198)\n \n An integer overflow was discovered in Firefox. If a user were tricked into\n viewing a malicious site, an attacker could overflow a buffer and cause a\n denial of service or possibly execute arbitrary code with the privileges of\n the user invoking the program. (CVE-2010-1196)\n \n Martin Barbella discovered an integer overflow in an XSLT node sorting\n routine. (CVE-2010-1199)\n \n Michal Zalewski discovered that the focus behavior of Firefox could be\n subverted. If a user were tricked into viewing a malicious site, a remote\n attacker could use this to capture keystrokes. (CVE-2010-1125)\n \n Ilja van Sprundel discovered that the \u0027Content-Disposition: attachment\u0027\n HTTP header was ignored when \u0027Content-Type: multipart\u0027 was also present. \n Under certain circumstances, this could potentially lead to cross-site\n scripting attacks. (CVE-2010-1197)\n \n Amit Klein discovered that Firefox did not seed its random number generator\n often enough. An attacker could exploit this to identify and track users\n across different web sites. (CVE-2008-5913)\n\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 67119 0d7f276c870914e97be8016c470c0acc\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz\n Size/MD5: 144826 b71440bbda1a9a19aa3434ad6a00c486\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc\n Size/MD5: 2552 0e63965d7e1ba8d0c024793dae18a651\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz\n Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72226 e41f4ba0e1ee2812d09f178ce649be97\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72392 fb339d706ee66252e70e96d62c33b305\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72228 d3b045b5cafba2c50b75eb3c5c0a590a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72218 6a5c7d950490e1b8265bac1bc15abeb1\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72240 e1de71fa375ab4896e29dafcca783dba\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72574 f4cb1ee7572ed2ab316313ecbb3ed84f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72236 2dece76f652e27494e7487f4e68f646a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72222 c4aebcd1ce9c8b621b7297b7088d2ef4\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72256 3caf1296c3c06121157b6614170e1083\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72226 d1f70077a0e3ed2fee170c02bfb03e7c\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72212 133df734e76a4477af91dec984aa2694\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72240 6efcfef2ed5164204686ce075d23332d\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb\n Size/MD5: 72210 07339b8304124d7afbacf53943f0500f\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 7798876 759f27c1d6635a6d04b07c9a73f54f3c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb\n Size/MD5: 72330 b9692de7b7947e32c1f678a9d554effa\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb\n Size/MD5: 72764 706e5682afbbc54334bb823fe92e9d0c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb\n Size/MD5: 12504700 0c81c0201b8a6b3aef72d2213d9d38b2\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb\n Size/MD5: 29308 4174c5e062a927f5f4fd445bc3f2b7ce\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 9913748 ad706c2a0c670ea9bc6de7109211c8e4\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb\n Size/MD5: 72340 b19f20096548fc8981367cd9d431379f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb\n Size/MD5: 72762 faaacee4aa7e2fd7fa961a88c4b86d0f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb\n Size/MD5: 11192572 5adae55773b0ca8e438c7252046f705b\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb\n Size/MD5: 29308 ca6a787a65220583746b55366ae9ac44\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 4830218 0d3caf5b20aba2975f9f7e423c6b3b69\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb\n Size/MD5: 72332 099275f779e538dc54e913593084b7bc\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb\n Size/MD5: 72762 ee7361261892014edfc1a69365672c17\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb\n Size/MD5: 10687418 2a010333c02ed1112cbef0544cf73cf1\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb\n Size/MD5: 29308 5fb3d21190e1e8012b08b694c4b9239c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 4812772 94b728d013dee6371b8cc4ebef11430c\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb\n Size/MD5: 72340 6318359d26cfa32d4e1eeda6c8916aa4\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb\n Size/MD5: 72770 e5449bcbe442fa1385d7b2ecbc8c1831\n http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb\n Size/MD5: 11583662 a73467d63e46af2f21b2e46fa0f29797\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb\n Size/MD5: 29310 69a2c47902bb366a50c2bb3fa9053131\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 75512 a49a96a5d589e39a77720fe70706da03\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb\n Size/MD5: 29312 e66a94b78d1d6476b05736a82c4ed49c\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 2621 74297592edce6f55313193967daaebeb\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz\n Size/MD5: 155727 0e58cb5f9e5293c40564e944e50437a6\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc\n Size/MD5: 2758 e6647365f000313a96f9a72b4dc8022f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz\n Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 29714 b4ee604ee0d4dbdc448a74f6f746528c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75716 8ec52b07f2b60dbb381909a6b7e5f039\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75964 69b4baf1c2b4ce75ced092dbdb44266b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75700 22bd34473ba1abe7501b247f7d8980b5\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75702 3dc765e62e9300dd5a57d512be2e3c3b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75700 1ae9b7c023259e8f9fa994c24efeb07f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75706 f4a1b34f657927ca5eaf15cf9976e336\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75704 80434fb6b98bd5ddafbd0d9d472b9416\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75698 1e6cffa413775771f086d3238ed84a6b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75722 b3dea417d76e06235b1f7c267d4871fe\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 76052 9c59d599f01a4af2337515c224164b11\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75718 70e6d5d57e356e78500d8558e6ec7f72\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 8938 3085a96f8f815fbb01b21dd67d4b423d\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75710 45b7c94ece697097b83adb8bc09b5769\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 8940 8d60975aeb324b31426a64d0a1485320\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 8930 e9c41de371986cf16137aa0a8baa1635\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75710 191d51d184569650814b7d1e87e808a3\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75720 f18da780b4b8e57685667bb94faeac19\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75726 6bef8a651c1763ca5fdd3140bd7ae915\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75714 408c0fa73ac828fa9acae2a7ff02e6f7\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75692 3c4f3ef8332997b0a72bda0e436ab0fe\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75708 c3f238accf868508d1d44a3984a0deda\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75722 41bf0606552717a9988db2bd929b3862\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75692 e27ae8b4a4875eff55fedd2c3da9499e\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb\n Size/MD5: 75710 49ada82e615b86ac74f5880b656d8914\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 10675764 276cf6fd80197d8edf64b2c885c5e540\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb\n Size/MD5: 76196 ec574586607cd1da65dd5ee7c1f17317\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb\n Size/MD5: 12502768 ef8749c8ba4b15a29631f69baccf6984\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb\n Size/MD5: 29196 766569469e7d1d805a16b659607cb228\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/\n Size/MD5: 43286 e1e37c33ecc0918fcd518e5748c767e2\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb\n Size/MD5: 76198 06d415ebee45883afa9de06a4bf00ba2\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb\n Size/MD5: 11217372 c3ddffd8a035d3be397ffc112c17e0a9\n http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb\n Size/MD5: 29190 c59e1bbc03df75b63c72a956530ecdff\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 4794796 0f04c58b1898ef6ff8c42e9f696cf943\n http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb\n Size/MD5: 76192 ac0e4a03520b896085dbc4b1e524c397\n http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb\n Size/MD5: 10720482 e9459f2ddd0b28adc40e37bc46de87d8\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb\n Size/MD5: 29194 b5c356758ef5adb4468c85577660061a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 64642040 19a96c0ae2726790da3efb566ac4fdb0\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb\n Size/MD5: 29200 69d071a75fcd766841f7f428ec9eb806\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/\n Size/MD5: 7629538 5042de0cdebf36ad17e6485b966ec94f\n http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb\n Size/MD5: 29194 f154cda4e06288f639db4d6024c26695\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "92112"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "PACKETSTORM",
"id": "91973"
}
],
"trust": 3.87
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-43810",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=14422",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1205",
"trust": 4.0
},
{
"db": "BID",
"id": "41174",
"trust": 2.9
},
{
"db": "VUPEN",
"id": "ADV-2010-1612",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "40302",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1837",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1755",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-3046",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1877",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1637",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-3045",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-1846",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40472",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42317",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40547",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42314",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40336",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#643615",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "40642",
"trust": 0.9
},
{
"db": "VUPEN",
"id": "ADV-2010-1859",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "39925",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "40688",
"trust": 0.8
},
{
"db": "XF",
"id": "59815",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "48909",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "92011",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "91973",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "14422",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-69444",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91619",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-43810",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-1205",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92112",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92059",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92229",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "119293",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92097",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92111",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92156",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "92112"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"id": "VAR-201006-1188",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-43810"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T22:22:13.193000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456"
},
{
"title": "HT4312",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4312"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
},
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456?viewlocale=jp_JP"
},
{
"title": "HT4312",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4312?viewlocale=ja_JP"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457?viewlocale=ja_JP"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
},
{
"title": "firefox-3.6.7-3.0.1.AXS3, xulrunner-1.9.2.7-3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1214"
},
{
"title": "libpng-1.2.10-7.1.3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
},
{
"title": "libpng Home Page",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"title": "2079",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
},
{
"title": "2097",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2097"
},
{
"title": "2111",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2111"
},
{
"title": "2078",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
},
{
"title": "MFSA 2010-41",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"title": "MFSA 2010-41",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2010/mfsa2010-41.html"
},
{
"title": "RHSA-2010:0547",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0547.html"
},
{
"title": "RHSA-2010:0546",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0546.html"
},
{
"title": "multiple_vulnerabilities_in_libpng",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
},
{
"title": "VMSA-2010-0014",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"title": "pictbear",
"trust": 0.8,
"url": "http://www.fenrir.co.jp/pictbear"
},
{
"title": "libpng Repair measures for memory corruption and denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126302"
},
{
"title": "Red Hat: Critical: seamonkey security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100546 - Security Advisory"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9"
},
{
"title": "Mozilla: Remote code execution using malformed PNG image",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=mozilla_advisories\u0026qid=d846dfedec9f2e8b79ff9b299c65c005"
},
{
"title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1"
},
{
"title": "Red Hat: Critical: firefox security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100547 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: thunderbird vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-958-1"
},
{
"title": "Debian Security Advisories: DSA-2075-1 xulrunner -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=fa5c93137e44116ffb255e585f0961fc"
},
{
"title": "Ubuntu Security Notice: firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-957-1"
},
{
"title": "Ubuntu Security Notice: firefox, firefox-3.0, xulrunner-1.9.2 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-957-2"
},
{
"title": "Ubuntu Security Notice: firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-930-4"
},
{
"title": "Ubuntu Security Notice: ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-930-5"
},
{
"title": "Exploit Development: Case Studies\nWindows\nUnix-like",
"trust": 0.1,
"url": "https://github.com/dyjakan/exploit-development-case-studies "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/sambacha/mirror-radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/StephenHaruna/RADAMSA "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/g60ocR/radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-Fuzzer "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/nqwang/radamsa "
},
{
"title": "A Crash Course to Radamsa\nFAQ",
"trust": 0.1,
"url": "https://github.com/Hwangtaewon/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/41174"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/40302"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"trust": 2.2,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"trust": 2.1,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//aug/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
},
{
"trust": 1.8,
"url": "http://blackberry.com/btsc/kb27244"
},
{
"trust": 1.8,
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"trust": 1.8,
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4312"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4456"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4457"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4554"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4566"
},
{
"trust": 1.8,
"url": "http://trac.webkit.org/changeset/61816"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"trust": 1.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11851"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40336"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40472"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40547"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42314"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42317"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-960-1"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"trust": 1.5,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"trust": 1.1,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/643615"
},
{
"trust": 0.8,
"url": "http://libpng.org/pub/png/libpng.html"
},
{
"trust": 0.8,
"url": "http://admin.fedoraproject.org/updates/libpng-1.2.44-1.fc13"
},
{
"trust": 0.8,
"url": "http://admin.fedoraproject.org/updates/libpng-1.2.44-1.fc12"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/59815"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu643615"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu935740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1205"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/39925"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40642"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/40688"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/1859"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerability-has-been-identified-in-bigfix-platform-shipped-with-ibm-license-metric-tool-2/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/48909"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0654"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1208"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa65"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100092842"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100093925"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100108439"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100148396"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
},
{
"trust": 0.3,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.3,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.3,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1207"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1206"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1210"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1209"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2754"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2753"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1211"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1121"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1202"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5913"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1125"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1196"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1201"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1200"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1199"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1203"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1197"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2751"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1214"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1212"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2752"
},
{
"trust": 0.2,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1213"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2010:0546"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/92011/libpng-1.4.2-denial-of-service.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/960-1/"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/14422/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-data_2.26.1-0ubuntu1.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.19.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.25.3-3ubuntu1.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.19.1-0ubuntu14.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b18-1.8-4ubuntu3~9.04.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1-0ubuntu1.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/python-packagekit_0.3.14-0ubuntu5.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b18-1.8-4ubuntu3~9.04.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16-0ubuntu1.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.04.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apturl/apturl_0.3.3ubuntu1.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16-0ubuntu1.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dev_2.25.3-3ubuntu1.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/gluezilla_2.0.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.04.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-4ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-doc_2.19.1-0ubuntu14.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11-0ubuntu1.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.25.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/gluezilla_2.0-1ubuntu1.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional_1.7.1-0ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11-0ubuntu1.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.04.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b18-1.8-4ubuntu3~9.04.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b18-1.8-4ubuntu3~9.10.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-0ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1-0ubuntu1.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-0ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apturl/apturl_0.3.3ubuntu1.2.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.04.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.19.1-0ubuntu14.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.04.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/599954"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional_1.7.1-4ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apturl/apturl_0.3.3ubuntu1.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-4ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-4ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras_2.19.1-0ubuntu14.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/gnome-python-extras_2.25.3-3ubuntu1.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gksu2_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.19.1-0ubuntu14.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit-backend-apt_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-0ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkspell_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-dbg_2.26.1-0ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dev_2.19.1-0ubuntu14.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/gluezilla_2.0-1ubuntu1.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gda_2.25.3-3ubuntu1.9.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser-dev_2.26.1-0ubuntu1.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-4ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-optional-gcj_1.7.1-0ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_0.9.5-1ubuntu2.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16-0ubuntu1.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.10.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gnome2-extras-dbg_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/l/liferea/liferea-dbg_1.4.26-0ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant_1.7.1-4ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib-dev_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.19.1-0ubuntu14.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/p/packagekit/gstreamer0.10-packagekit_0.3.14-0ubuntu5.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/w/webfav/webfav_1.11-0ubuntu1.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-doc_1.7.1-0ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-eggtrayicon_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b18-1.8-4ubuntu3~9.10.2_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt11_0.3.14-0ubuntu5.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/u/ubufox/ubufox_0.9~rc2-0ubuntu0.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.28.0.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-doc_1.7.1-4ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/ant/ant-gcj_1.7.1-0ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozvoikko/mozvoikko_1.0-1ubuntu3.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/l/liferea/liferea_1.4.26-0ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkmozembed_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/w/webfav/webfav_1.16.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.28.0-0ubuntu2.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/mozilla-packagekit_0.3.14-0ubuntu5.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b18-1.8-4ubuntu3~9.10.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gtkhtml2_2.25.3-3ubuntu1.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-qt-dev_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/p/packagekit/packagekit_0.3.14-0ubuntu5.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gnome-python-extras/python-gdl_2.25.3-3ubuntu1.9.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/p/packagekit/libpackagekit-glib11_0.3.14-0ubuntu5.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-yum_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/e/epiphany-browser/epiphany-browser_2.26.1-0ubuntu1.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b18-1.8-4ubuntu3~9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b18-1.8-4ubuntu3~9.10.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.25.1-0ubuntu5.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b18-1.8-4ubuntu3~9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/e/epiphany-browser/epiphany-gecko_2.26.1-0ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/p/packagekit/packagekit-backend-smart_0.3.14-0ubuntu5.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b18-1.8-4ubuntu3~9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/g/gluezilla/libgluezilla_2.0-1ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/g/gnome-python-extras/python-gtkhtml2-dbg_2.19.1-0ubuntu14.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b18-1.8-4ubuntu3~9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-40.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-42.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-39.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-34.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-44.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40642/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-47.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-46.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40642/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40642"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0182"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0082"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4061"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1832"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4058"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1828"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0353"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2766"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4061"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0473"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0172"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2043"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3175"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3655"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2760"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0456"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1125"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3958"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3003"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0168"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0057"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0443"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5017"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1940"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0182"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1208"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2376"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3971"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3965"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1834"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2472"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2767"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1952"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0078"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0170"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0164"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3400"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1211"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4188"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5012"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4206"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5354"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5504"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0477"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0475"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2408"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1304"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4201"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4182"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1206"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1975"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2044"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5507"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4059"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5023"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1308"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1044"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5508"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0070"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1307"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3866"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0080"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1213"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0352"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5014"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2664"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0051"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3989"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3371"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4582"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5502"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4193"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3978"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3993"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5506"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3375"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3078"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0173"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3969"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1311"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4066"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3658"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3004"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1950"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1215"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3381"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0452"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-3837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3994"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3167"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5022"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5024"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0468"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3026"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1203"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2061"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0085"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1945"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4184"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4060"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0068"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0016"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2065"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4066"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0081"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4063"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1955"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1302"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5503"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3374"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3968"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1028"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4059"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3005"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4185"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1121"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3661"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2765"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5913"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3169"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5843"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3663"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3651"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5016"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2372"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1951"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3274"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1197"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4067"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2997"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3778"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2996"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3232"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0061"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4063"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-3073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0354"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5500"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3380"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1212"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0357"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0773"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0220"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0071"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0777"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0055"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5052"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0165"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2378"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3131"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0160"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5513"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3986"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2752"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3388"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2469"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2753"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3650"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3002"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2764"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2751"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4190"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2477"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0358"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3670"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3987"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3976"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4582"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3377"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4208"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4186"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0054"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5014"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2370"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2662"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1309"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5840"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0445"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2998"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0355"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1200"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3077"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0056"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3101"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5501"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4195"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4209"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1962"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3660"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2762"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5833"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1839"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0648"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3101"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3168"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0072"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2995"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3399"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0171"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2983"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5841"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5838"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5019"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2985"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0458"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3659"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3837"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0066"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-3836"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0174"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5842"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0457"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3176"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5511"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0356"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4205"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3379"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4064"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4508"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-34.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1310"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0016"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1306"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3079"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0073"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0474"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0444"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0455"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3647"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4210"
},
{
"trust": 0.1,
"url": "http://blog.mozilla.org/security/2011/03/22/firefox-blocking-fraudulent-c="
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0017"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1305"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0446"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3966"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0181"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5013"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0450"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1214"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1196"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0449"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1841"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0367"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3765"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1947"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3070"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4060"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3992"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0175"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1712"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1199"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2365"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2404"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3775"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1198"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2535"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1938"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5505"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1946"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5512"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-5074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4187"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3766"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2437"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1949"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3776"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5830"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0075"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0652"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1958"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5015"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0163"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0179"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1313"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0159"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1939"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3972"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3182"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4207"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-6961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2990"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3178"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4069"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3180"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4191"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4204"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2763"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3986"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3654"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2364"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3389"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3963"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0464"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1209"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2754"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2210"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1202"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3982"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3173"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3774"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3995"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5510"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4192"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2463"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0467"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1964"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3959"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3770"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3769"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0772"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3665"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4196"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5822"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2466"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3649"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3653"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3768"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2478"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3988"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1312"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-11.html"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0058"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2479"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3383"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1303"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2465"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3170"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2377"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3991"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5012"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2755"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1948"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3961"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0470"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3773"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0166"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1571"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3984"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3981"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1970"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0461"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4215"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5021"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4058"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0451"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0771"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0017"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3836"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5013"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4212"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0459"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0076"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0083"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0460"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0183"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1201"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3960"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0059"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0177"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3062"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5018"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3177"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3980"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2363"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0084"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3652"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1941"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201301-01.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3074"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1937"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-3835"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0053"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3171"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2999"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0471"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0065"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0162"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3373"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2665"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0360"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4029"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0001"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2251"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2741"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2060"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0829"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-6661"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201412-08.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2056"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2060"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2251"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-5907"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6661"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1382"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0946"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2741"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2056"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2529"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4029"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0001"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1511"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3736"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1511"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2624"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0360"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2809"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0553"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4896"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4896"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0829"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2945"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-3005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4411"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0946"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-5907"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2624"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1000"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2192"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1382"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.8.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.8.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-2-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-2-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1215"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2-libthai_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-gnome-support_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dbg_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-testsuite-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support-dbg_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox/firefox_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/abrowser-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/abrowser_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-2-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-1.9.2-dev_1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-branding_3.6.7+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/599796"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/559149"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dbg_3.0.6+build2+nobinonly-0ubuntu0.10.04.1_powerpc.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "92112"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#643615"
},
{
"db": "VULHUB",
"id": "VHN-43810"
},
{
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "92112"
},
{
"db": "PACKETSTORM",
"id": "92059"
},
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "119293"
},
{
"db": "PACKETSTORM",
"id": "129513"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "PACKETSTORM",
"id": "92111"
},
{
"db": "PACKETSTORM",
"id": "92156"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-02T00:00:00",
"db": "CERT/CC",
"id": "VU#643615"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-43810"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"date": "2010-06-25T00:00:00",
"db": "BID",
"id": "41174"
},
{
"date": "2010-07-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"date": "2010-10-05T22:16:57",
"db": "PACKETSTORM",
"id": "94522"
},
{
"date": "2010-07-23T19:57:40",
"db": "PACKETSTORM",
"id": "92112"
},
{
"date": "2010-07-22T14:16:23",
"db": "PACKETSTORM",
"id": "92059"
},
{
"date": "2010-07-28T01:22:06",
"db": "PACKETSTORM",
"id": "92229"
},
{
"date": "2010-07-20T00:53:34",
"db": "PACKETSTORM",
"id": "91973"
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244"
},
{
"date": "2013-01-08T03:21:24",
"db": "PACKETSTORM",
"id": "119293"
},
{
"date": "2014-12-12T17:37:19",
"db": "PACKETSTORM",
"id": "129513"
},
{
"date": "2010-07-23T18:04:51",
"db": "PACKETSTORM",
"id": "92097"
},
{
"date": "2010-07-16T04:34:46",
"db": "PACKETSTORM",
"id": "91878"
},
{
"date": "2010-07-23T19:51:43",
"db": "PACKETSTORM",
"id": "92111"
},
{
"date": "2010-07-26T20:52:04",
"db": "PACKETSTORM",
"id": "92156"
},
{
"date": "2010-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"date": "2010-06-30T18:30:01.333000",
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-12T00:00:00",
"db": "CERT/CC",
"id": "VU#643615"
},
{
"date": "2020-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-43810"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1205"
},
{
"date": "2015-04-13T21:46:00",
"db": "BID",
"id": "41174"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001730"
},
{
"date": "2021-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-473"
},
{
"date": "2024-11-21T01:13:52.653000",
"db": "NVD",
"id": "CVE-2010-1205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "92229"
},
{
"db": "PACKETSTORM",
"id": "92097"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng fails to limit number of rows in header",
"sources": [
{
"db": "CERT/CC",
"id": "VU#643615"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-473"
}
],
"trust": 0.6
}
}
var-201404-0334
Vulnerability from variot
vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable.". VMware Player is a free software that allows PC users to easily run virtual machines on Windows or Linux PCs. VMWare Workstation is a popular virtual machine application. Allows a local attacker to cause a blue screen, causing the system to crash. Local attackers with access to a guest operating system can exploit this issue to crash the host operating system, effectively denying service to legitimate users.
The Blue Screen is triggered because the vulnerable function doesn\x92t check if a pointer to a memory page is valid or not, thus causing a memory access violation by trying to read from an unallocated memory page.
Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/
Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.
Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0334",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "10.0.1_build_1379776"
},
{
"model": "player",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "6.0.1_build_1379776"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.0.1 build 1379776"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "10.0.1 build 1379776"
},
{
"model": "workstation build-1379776",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "10.0.1"
},
{
"model": "player build-1379776",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "6.0.1 build 1379776",
"scope": null,
"trust": 0.2,
"vendor": "player",
"version": null
},
{
"model": "10.0.1 build 1379776",
"scope": null,
"trust": 0.2,
"vendor": "workstation",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kyriakos Economou",
"sources": [
{
"db": "BID",
"id": "66784"
},
{
"db": "PACKETSTORM",
"id": "126135"
}
],
"trust": 0.4
},
"cve": "CVE-2014-2384",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2014-2384",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2014-02126",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-2384",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-2384",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-02126",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-224",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports \"Vendor rated issue as non-exploitable.\". VMware Player is a free software that allows PC users to easily run virtual machines on Windows or Linux PCs. VMWare Workstation is a popular virtual machine application. Allows a local attacker to cause a blue screen, causing the system to crash. \nLocal attackers with access to a guest operating system can exploit this issue to crash the host operating system, effectively denying service to legitimate users. \n\nThe Blue Screen is triggered because the vulnerable function doesn\\x92t\ncheck if a pointer to a memory page is valid or not, thus causing a\nmemory access violation by trying to read from an unallocated memory page. \n\n\nFurther details at:\nhttps://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/\n\n\nCopyright:\nCopyright (c) Portcullis Computer Security Limited 2014, All rights\nreserved worldwide. Permission is hereby granted for the electronic\nredistribution of this information. It is not to be edited or altered in\nany way without the express written consent of Portcullis Computer\nSecurity Limited. \n\nDisclaimer:\nThe information herein contained may change without notice. Use of this\ninformation constitutes acceptance for use in an AS IS condition. There\nare NO warranties, implied or otherwise, with regard to this information\nor its use. Any use of this information is at the user\u0027s risk. In no\nevent shall the author/distributor (Portcullis Computer Security\nLimited) be held liable for any damages whatsoever arising out of or in\nconnection with the use or spread of this information",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2384"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"db": "BID",
"id": "66784"
},
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "126135"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2384",
"trust": 3.6
},
{
"db": "CNVD",
"id": "CNVD-2014-02126",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "105193",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20140411 CVE-2014-2384 - INVALID POINTER DEREFERENCE IN VMWARE WORKSTATION AND PLAYER",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "26505",
"trust": 0.6
},
{
"db": "BID",
"id": "66784",
"trust": 0.3
},
{
"db": "IVD",
"id": "A2D83B08-1EE0-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126135",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"db": "BID",
"id": "66784"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "PACKETSTORM",
"id": "126135"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"id": "VAR-201404-0334",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
}
]
},
"last_update_date": "2024-11-23T22:42:37.952000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u30c8\u30c3\u30d7\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.vmware.com/jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2014/apr/163"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2384"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2384"
},
{
"trust": 0.6,
"url": "http://osvdb.com/show/osvdb/105193"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/26505"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2384"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"db": "BID",
"id": "66784"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "PACKETSTORM",
"id": "126135"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"db": "BID",
"id": "66784"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"db": "PACKETSTORM",
"id": "126135"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-04T00:00:00",
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"date": "2014-04-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"date": "2014-04-11T00:00:00",
"db": "BID",
"id": "66784"
},
{
"date": "2014-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"date": "2014-04-12T03:50:36",
"db": "PACKETSTORM",
"id": "126135"
},
{
"date": "2014-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"date": "2014-04-15T23:13:15.697000",
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02126"
},
{
"date": "2014-04-11T00:00:00",
"db": "BID",
"id": "66784"
},
{
"date": "2014-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002139"
},
{
"date": "2014-04-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-224"
},
{
"date": "2024-11-21T02:06:11.310000",
"db": "NVD",
"id": "CVE-2014-2384"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "66784"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Run on VMware Workstation and VMware Player of vmx86.sys Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002139"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "a2d83b08-1ee0-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-224"
}
],
"trust": 0.8
}
}
var-201004-0994
Vulnerability from variot
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. plural VMware Product virtual network stack host OS A vulnerability exists in which important information is obtained from the above memory.Hosted by a third party OS Important information may be obtained from the above memory. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. VMWare products do not implement the virtual network stack correctly. Users on the guest operating system can obtain partial memory from the host's vmware-vmx process. Multiple VMware-hosted products are prone to an information-disclosure vulnerability. This can allow the attackers to harvest potentially sensitive information that can aid in further attacks. The following applications are vulnerable: Workstation Player ACE Server Fusion NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
- Summary
VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. Windows-based VMware Tools Arbitrary Code Execution vulnerability
A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below. VMware Remote Console format string vulnerability
VMware Remote Console (VMrc) contains a format string vulnerability.
Exploitation of this issue may lead to arbitrary code execution on
the system where VMrc is installed.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
For more information see vulnerabilities #3 through #7 in: SA39206
SOLUTION: Restrict local access to trusted users only. Do not open untrusted images or video files.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Johann MacDonagh.
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).
Workaround
There is no known workaround at this time. We recommend that users unmerge VMware Server:
# emerge --unmerge "app-emulation/vmware-server"
References
[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: VMware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA39206
VERIFY ADVISORY: http://secunia.com/advisories/39206/
DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.
NOTE: This vulnerability cannot be exploited without administrative privileges on recent Windows versions (e.g. Windows XP and Windows Vista).
3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.
For more information: SA35346
4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.
For more information: SA36712
5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.
For more information: SA39203
7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.
For more information: SA39201
SOLUTION: Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research
The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner
ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/
OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/
SA36712: http://secunia.com/advisories/36712/
SA36988: http://secunia.com/advisories/36988/
SA39198: http://secunia.com/advisories/39198/
SA39201: http://secunia.com/advisories/39201/
SA39203: http://secunia.com/advisories/39203/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0994",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fusion",
"scope": "eq",
"trust": 3.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "7.0"
},
{
"model": "player",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.6"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.5"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.4"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "3.0"
},
{
"model": "workstation for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5"
},
{
"model": "workstation for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "player for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6196839"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2147997"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "workstation for linux build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.0.1227600"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player for linux build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1227600"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "fusion build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1232708"
},
{
"model": "fusion build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.7246742"
},
{
"model": "ace build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6.1227600"
},
{
"model": "ace build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:ace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1138",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-1138",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1138",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-1138",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-157",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-1138",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. plural VMware Product virtual network stack host OS A vulnerability exists in which important information is obtained from the above memory.Hosted by a third party OS Important information may be obtained from the above memory. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. VMWare products do not implement the virtual network stack correctly. Users on the guest operating system can obtain partial memory from the host\u0027s vmware-vmx process. Multiple VMware-hosted products are prone to an information-disclosure vulnerability. This can allow the attackers to harvest potentially sensitive information that can aid in further attacks. \nThe following applications are vulnerable:\nWorkstation\nPlayer\nACE\nServer\nFusion\nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. Summary\n\n VMware hosted products, vCenter Server and ESX patches resolve\n multiple security issues. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n A vulnerability in the way VMware executables are loaded allows for\n arbitrary code execution in the context of the logged on user. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n Vulnerabilities in the decoder allow for execution of arbitrary\n code with the privileges of the user running an application\n utilizing the vulnerable codec. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. VMware Remote Console format string vulnerability\n\n VMware Remote Console (VMrc) contains a format string vulnerability. \n Exploitation of this issue may lead to arbitrary code execution on\n the system where VMrc is installed. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nFor more information see vulnerabilities #3 through #7 in:\nSA39206\n\nSOLUTION:\nRestrict local access to trusted users only. Do not open untrusted\nimages or video files. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Johann MacDonagh. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/vmware-player\n \u003c= 2.5.5.328052 Vulnerable!\n 2 app-emulation/vmware-workstation\n \u003c= 6.5.5.328052 Vulnerable!\n 3 app-emulation/vmware-server\n \u003c= 1.0.9.156507 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 2 ] CVE-2007-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[ 3 ] CVE-2007-5671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[ 4 ] CVE-2008-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[ 5 ] CVE-2008-1340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[ 6 ] CVE-2008-1361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[ 7 ] CVE-2008-1362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[ 8 ] CVE-2008-1363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[ 9 ] CVE-2008-1364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. \n\nNOTE: This vulnerability cannot be exploited without administrative\nprivileges on recent Windows versions (e.g. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39203\n\n7) A format string error in \"vmrun\" can be exploited to potentially\ngain escalated privileges. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1138"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88236"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1138",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39203",
"trust": 3.2
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "39215",
"trust": 2.6
},
{
"db": "BID",
"id": "39395",
"trust": 2.2
},
{
"db": "OSVDB",
"id": "63607",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1023836",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0572",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7CB6C1-463F-11E9-973F-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46D9D18E-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88234",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88236",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88233",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88236"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"id": "VAR-201004-0994",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
}
]
},
"last_update_date": "2024-11-23T20:15:09.576000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/157"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39203"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39215"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39395"
},
{
"trust": 1.9,
"url": "http://osvdb.org/63607"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023836"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1138"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/39206/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/39203/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39215/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36988/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36712/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39201/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35346/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88236"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"db": "BID",
"id": "39395"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88236"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39395"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2010-04-12T12:34:16",
"db": "PACKETSTORM",
"id": "88234"
},
{
"date": "2010-04-12T12:34:21",
"db": "PACKETSTORM",
"id": "88236"
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012"
},
{
"date": "2010-04-12T12:34:14",
"db": "PACKETSTORM",
"id": "88233"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"date": "2010-04-12T18:30:00.553000",
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0572"
},
{
"date": "2013-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1138"
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39395"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001366"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-157"
},
{
"date": "2024-11-21T01:13:43.927000",
"db": "NVD",
"id": "CVE-2010-1138"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "39395"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88236"
},
{
"db": "PACKETSTORM",
"id": "88233"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMWare product vmware-vmx Virtual Network Stack Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
},
{
"db": "IVD",
"id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0572"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-157"
}
],
"trust": 0.6
}
}
var-200609-1118
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
Any software using OpenSSL to verify X.509 certificates is potentially vulnerable to this issue, as well as any other use of PKCS #1 v1.5, including software uses OpenSSL for SSL or TLS.
Updated packages are patched to address this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://www.openssl.org/news/secadv_20060905.txt
Updated Packages:
Mandriva Linux 2006.0: 8c5769bf04f65ba4c871556156e83a24 2006.0/RPMS/libopenssl0.9.7-0.9.7g-2.3.20060mdk.i586.rpm f4f595e10bc3ca3f075847ac25e5d78b 2006.0/RPMS/libopenssl0.9.7-devel-0.9.7g-2.3.20060mdk.i586.rpm 448ca33d2bf74e29650a72c4324ee26d 2006.0/RPMS/libopenssl0.9.7-static-devel-0.9.7g-2.3.20060mdk.i586.rpm 1d084addaaed6cf3933e21a59c831f37 2006.0/RPMS/openssl-0.9.7g-2.3.20060mdk.i586.rpm fffdadefbb4571005a0c48495eb9c112 2006.0/SRPMS/openssl-0.9.7g-2.3.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: c62f2df7b05b041498f0b8e335265d4f x86_64/2006.0/RPMS/lib64openssl0.9.7-0.9.7g-2.3.20060mdk.x86_64.rpm 3a113e1603e4827ef5ce2cc3e6fd30a8 x86_64/2006.0/RPMS/lib64openssl0.9.7-devel-0.9.7g-2.3.20060mdk.x86_64.rpm b991400c2bc6c2f1886ed8163fc64c46 x86_64/2006.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7g-2.3.20060mdk.x86_64.rpm a1bec4a4d34fb73ea5fcd72e22a4f291 x86_64/2006.0/RPMS/openssl-0.9.7g-2.3.20060mdk.x86_64.rpm fffdadefbb4571005a0c48495eb9c112 x86_64/2006.0/SRPMS/openssl-0.9.7g-2.3.20060mdk.src.rpm
Corporate 3.0: 89b73fa8deec7e2b87b2dc29ad854420 corporate/3.0/RPMS/libopenssl0.9.7-0.9.7c-3.5.C30mdk.i586.rpm fad4d18975f6eba4b0534fe8b1237512 corporate/3.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.5.C30mdk.i586.rpm 3755fdc390b94c4fd3e3ccbb69e27fa4 corporate/3.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.5.C30mdk.i586.rpm f1cbc11423cc40e1421b781638f1910d corporate/3.0/RPMS/openssl-0.9.7c-3.5.C30mdk.i586.rpm 2ecc834f99eceafe3567e8ed0e9277e3 corporate/3.0/SRPMS/openssl-0.9.7c-3.5.C30mdk.src.rpm
Corporate 3.0/X86_64: f65a08626dcc23531a30f009ca6a8b52 x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-0.9.7c-3.5.C30mdk.x86_64.rpm 67ac445d3ad9c1e2d19f4da624e6091f x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-devel-0.9.7c-3.5.C30mdk.x86_64.rpm 70b179ba036cad4bd59d79716dd0af41 x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7c-3.5.C30mdk.x86_64.rpm 133be57ba3ba96ca84a2d09cf661ddb8 x86_64/corporate/3.0/RPMS/openssl-0.9.7c-3.5.C30mdk.x86_64.rpm 2ecc834f99eceafe3567e8ed0e9277e3 x86_64/corporate/3.0/SRPMS/openssl-0.9.7c-3.5.C30mdk.src.rpm
Multi Network Firewall 2.0: 9c361b601f34404e9d5809a726005303 mnf/2.0/RPMS/libopenssl0.9.7-0.9.7c-3.5.M20mdk.i586.rpm aae1f0dcdb8c3f41c417f3f4cc823363 mnf/2.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.5.M20mdk.i586.rpm d71945758cd4cab08bba725bc7086181 mnf/2.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.5.M20mdk.i586.rpm 1584f0ecda9e2a57a1c8f848e8422049 mnf/2.0/RPMS/openssl-0.9.7c-3.5.M20mdk.i586.rpm efe79e9da865fdae6fa4d1bf377fb27e mnf/2.0/SRPMS/openssl-0.9.7c-3.5.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFE/zXomqjQ0CJFipgRAqraAJ9dQKFCKZSs2+wIddQYrsrir0XI7ACffXU5 4LAKvCmOVrwEbNgrZUVjHwU= =6ziA -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1118",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n \n Any software using OpenSSL to verify X.509 certificates is potentially\n vulnerable to this issue, as well as any other use of PKCS #1 v1.5,\n including software uses OpenSSL for SSL or TLS. \n \n Updated packages are patched to address this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n http://www.openssl.org/news/secadv_20060905.txt\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 8c5769bf04f65ba4c871556156e83a24 2006.0/RPMS/libopenssl0.9.7-0.9.7g-2.3.20060mdk.i586.rpm\n f4f595e10bc3ca3f075847ac25e5d78b 2006.0/RPMS/libopenssl0.9.7-devel-0.9.7g-2.3.20060mdk.i586.rpm\n 448ca33d2bf74e29650a72c4324ee26d 2006.0/RPMS/libopenssl0.9.7-static-devel-0.9.7g-2.3.20060mdk.i586.rpm\n 1d084addaaed6cf3933e21a59c831f37 2006.0/RPMS/openssl-0.9.7g-2.3.20060mdk.i586.rpm\n fffdadefbb4571005a0c48495eb9c112 2006.0/SRPMS/openssl-0.9.7g-2.3.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n c62f2df7b05b041498f0b8e335265d4f x86_64/2006.0/RPMS/lib64openssl0.9.7-0.9.7g-2.3.20060mdk.x86_64.rpm\n 3a113e1603e4827ef5ce2cc3e6fd30a8 x86_64/2006.0/RPMS/lib64openssl0.9.7-devel-0.9.7g-2.3.20060mdk.x86_64.rpm\n b991400c2bc6c2f1886ed8163fc64c46 x86_64/2006.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7g-2.3.20060mdk.x86_64.rpm\n a1bec4a4d34fb73ea5fcd72e22a4f291 x86_64/2006.0/RPMS/openssl-0.9.7g-2.3.20060mdk.x86_64.rpm\n fffdadefbb4571005a0c48495eb9c112 x86_64/2006.0/SRPMS/openssl-0.9.7g-2.3.20060mdk.src.rpm\n\n Corporate 3.0:\n 89b73fa8deec7e2b87b2dc29ad854420 corporate/3.0/RPMS/libopenssl0.9.7-0.9.7c-3.5.C30mdk.i586.rpm\n fad4d18975f6eba4b0534fe8b1237512 corporate/3.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.5.C30mdk.i586.rpm\n 3755fdc390b94c4fd3e3ccbb69e27fa4 corporate/3.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.5.C30mdk.i586.rpm\n f1cbc11423cc40e1421b781638f1910d corporate/3.0/RPMS/openssl-0.9.7c-3.5.C30mdk.i586.rpm\n 2ecc834f99eceafe3567e8ed0e9277e3 corporate/3.0/SRPMS/openssl-0.9.7c-3.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n f65a08626dcc23531a30f009ca6a8b52 x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-0.9.7c-3.5.C30mdk.x86_64.rpm\n 67ac445d3ad9c1e2d19f4da624e6091f x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-devel-0.9.7c-3.5.C30mdk.x86_64.rpm\n 70b179ba036cad4bd59d79716dd0af41 x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7c-3.5.C30mdk.x86_64.rpm\n 133be57ba3ba96ca84a2d09cf661ddb8 x86_64/corporate/3.0/RPMS/openssl-0.9.7c-3.5.C30mdk.x86_64.rpm\n 2ecc834f99eceafe3567e8ed0e9277e3 x86_64/corporate/3.0/SRPMS/openssl-0.9.7c-3.5.C30mdk.src.rpm\n\n Multi Network Firewall 2.0:\n 9c361b601f34404e9d5809a726005303 mnf/2.0/RPMS/libopenssl0.9.7-0.9.7c-3.5.M20mdk.i586.rpm\n aae1f0dcdb8c3f41c417f3f4cc823363 mnf/2.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.5.M20mdk.i586.rpm\n d71945758cd4cab08bba725bc7086181 mnf/2.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.5.M20mdk.i586.rpm\n 1584f0ecda9e2a57a1c8f848e8422049 mnf/2.0/RPMS/openssl-0.9.7c-3.5.M20mdk.i586.rpm\n efe79e9da865fdae6fa4d1bf377fb27e mnf/2.0/SRPMS/openssl-0.9.7c-3.5.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFE/zXomqjQ0CJFipgRAqraAJ9dQKFCKZSs2+wIddQYrsrir0XI7ACffXU5\n4LAKvCmOVrwEbNgrZUVjHwU=\n=6ziA\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49782"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 1.5
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "49782",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49782"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-1118",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32525984999999996
},
"last_update_date": "2024-07-11T20:53:12.929000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.4,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.4,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49782"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49782"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-09-07T09:27:43",
"db": "PACKETSTORM",
"id": "49782"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
var-201004-0988
Vulnerability from variot
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading.plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. All guest operating system users on Windows platforms can gain privilege escalation by placing Trojans on the guest system's disks. On recent versions of Windows, only users with administrative privileges can successfully perform an attack. Multiple VMware products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges; this may aid in other attacks. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. Please see the vendor's advisory for more information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. Windows-based VMware Tools Arbitrary Code Execution vulnerability
A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).
Workaround
There is no known workaround at this time. We recommend that users unmerge VMware Server:
# emerge --unmerge "app-emulation/vmware-server"
References
[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: VMware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA39206
VERIFY ADVISORY: http://secunia.com/advisories/39206/
DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system. Windows XP and Windows Vista).
3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.
For more information: SA35346
4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.
For more information: SA36712
5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.
For more information: SA39203
7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.
For more information: SA39201
SOLUTION: Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research
The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner
ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/
OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/
SA36712: http://secunia.com/advisories/36712/
SA36988: http://secunia.com/advisories/36988/
SA39198: http://secunia.com/advisories/39198/
SA39201: http://secunia.com/advisories/39201/
SA39203: http://secunia.com/advisories/39203/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0988",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esxi",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.5"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.4"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esxi",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esxi",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "2.5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "3.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.6"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6196839"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2147997"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "ace build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"db": "BID",
"id": "39394"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:ace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esxi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1142",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2010-1142",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1142",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-1142",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-161",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1142",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading.plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. All guest operating system users on Windows platforms can gain privilege escalation by placing Trojans on the guest system\u0027s disks. On recent versions of Windows, only users with administrative privileges can successfully perform an attack. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to execute arbitrary code with elevated privileges; this may aid in other attacks. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. \nPlease see the vendor\u0027s advisory for more information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to lure the user that is logged on a Windows Guest\n Operating System to click on the attacker\u0027s file on a network\n share. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n A vulnerability in the way VMware executables are loaded allows for\n arbitrary code execution in the context of the logged on user. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n Vulnerabilities in the decoder allow for execution of arbitrary\n code with the privileges of the user running an application\n utilizing the vulnerable codec. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/vmware-player\n \u003c= 2.5.5.328052 Vulnerable!\n 2 app-emulation/vmware-workstation\n \u003c= 6.5.5.328052 Vulnerable!\n 3 app-emulation/vmware-server\n \u003c= 1.0.9.156507 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 2 ] CVE-2007-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[ 3 ] CVE-2007-5671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[ 4 ] CVE-2008-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[ 5 ] CVE-2008-1340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[ 6 ] CVE-2008-1361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[ 7 ] CVE-2008-1362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[ 8 ] CVE-2008-1363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[ 9 ] CVE-2008-1364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39203\n\n7) A format string error in \"vmrun\" can be exploited to potentially\ngain escalated privileges. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1142"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"db": "BID",
"id": "39394"
},
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"db": "PACKETSTORM",
"id": "88509"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1142",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39198",
"trust": 3.2
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.6
},
{
"db": "BID",
"id": "39394",
"trust": 2.2
},
{
"db": "SECTRACK",
"id": "1023832",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1023833",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0575",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-161",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7CB6C0-463F-11E9-AC95-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46E2C62C-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1142",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88509",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88233",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"db": "BID",
"id": "39394"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "PACKETSTORM",
"id": "88509"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"id": "VAR-201004-0988",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
}
]
},
"last_update_date": "2024-11-23T19:36:08.944000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/156"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39198"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39394"
},
{
"trust": 1.9,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023832"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023833"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.5,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-2-pub.txt"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1142"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/39198/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-1-pub.txt"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36988/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36712/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39201/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39203/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35346/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"db": "BID",
"id": "39394"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "PACKETSTORM",
"id": "88509"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"db": "BID",
"id": "39394"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"db": "PACKETSTORM",
"id": "88509"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39394"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"date": "2010-04-16T05:45:30",
"db": "PACKETSTORM",
"id": "88509"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012"
},
{
"date": "2010-04-12T12:34:14",
"db": "PACKETSTORM",
"id": "88233"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"date": "2010-04-12T18:30:00.710000",
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0575"
},
{
"date": "2013-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1142"
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39394"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001365"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-161"
},
{
"date": "2024-11-21T01:13:44.523000",
"db": "NVD",
"id": "CVE-2010-1142"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMWare Tools Package Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
},
{
"db": "IVD",
"id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0575"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-161"
}
],
"trust": 0.6
}
}
var-200110-0258
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
}
],
"trust": 4.05
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-25T20:28:38.158000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2024-11-21T00:12:26.670000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0179
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937)
Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. (CVE-2006-4343)
Updated packages are patched to address these issues.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0179",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. Henson of the OpenSSL core team and Open Network Security is credited with the discovery of this vulnerability. He created the test suite that uncovered this issue.",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. (CVE-2006-2937)\n\n Certain types of public key can take disproportionate amounts of time\n to process. This could be used by an attacker in a denial of service\n attack. (CVE-2006-2940)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n buffer overflow in the SSL_get_shared_ciphers utility function, used by\n some applications such as exim and mysql. An attacker could send a\n list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n possible DoS in the sslv2 client code. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
}
],
"trust": 4.23
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 1.5
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0179",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-09-08T22:44:24.584000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
}
}
var-200110-0342
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I otH/juFiPayhwdxQwX1pZwdm =e4BA -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172 http://www.mandriva.com/security/
Package : openssl Date : September 28, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937)
Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. (CVE-2006-4343)
Updated packages are patched to address these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0342",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. Henson of the OpenSSL core team and Open Network Security is credited with the discovery of this vulnerability. He created the test suite that uncovered this issue.",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-2937",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I\notH/juFiPayhwdxQwX1pZwdm\n=e4BA\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : September 28, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. (CVE-2006-2937)\n\n Certain types of public key can take disproportionate amounts of time\n to process. This could be used by an attacker in a denial of service\n attack. (CVE-2006-2940)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n buffer overflow in the SSL_get_shared_ciphers utility function, used by\n some applications such as exim and mysql. An attacker could send a\n list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n possible DoS in the sslv2 client code. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 4.95
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.3
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0342",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.30152614
},
"last_update_date": "2024-04-20T19:49:59.696000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/tlsa-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0695j.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/tlsa-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
}
}
var-200110-0207
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. This can result in an infinite loop which
consumes system memory. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. This could be used by an attacker in a denial of
service attack. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0207",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
}
],
"trust": 4.59
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "BID",
"id": "20246",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0207",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-09T21:14:34.749000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.7,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
}
}
var-200110-0259
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 0.9.8d >= 0.9.8d *>= 0.9.7l
Description
Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0259",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 0.9.8d \u003e= 0.9.8d\n *\u003e= 0.9.7l\n\nDescription\n===========\n\nTavis Ormandy and Will Drewry, both of the Google Security Team,\ndiscovered that the SSL_get_shared_ciphers() function contains a buffer\noverflow vulnerability, and that the SSLv2 client code contains a flaw\nleading to a crash. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200110-0259",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-18T21:09:02.118000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
var-200110-0224
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
During the parsing of certain invalid ASN1 structures an error condition is mishandled. (CVE-2006-2937)
Certain types of public key can take disproportionate amounts of time to process. (CVE-2006-2940)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738)
Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01118771 Version: 1
HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01 Last Updated: 2007-08-01
Potential Security Impact: Remote execution of arbitrary code and Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified HP System Management Homepage (SMH) for Linux and Windows.
References: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. A more recent version is available: System Management Homepage (SMH) version 2.1.8
HP System Management Homepage for Linux (x86) version 2.1.8-177 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26864.html
HP System Management Homepage for Linux (AMD64/EM64T) version 2.1.8-177 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26866.html
HP System Management Homepage for Windows version 2.1.8-179 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26977.html
PRODUCT SPECIFIC INFORMATION
HISTORY: Version:1 (rev.1) - 1 August 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0224",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n During the parsing of certain invalid ASN1 structures an error\n condition is mishandled. (CVE-2006-2937)\n\n Certain types of public key can take disproportionate amounts of time\n to process. (CVE-2006-2940)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n buffer overflow in the SSL_get_shared_ciphers utility function, used by\n some applications such as exim and mysql. An attacker could send a\n list of ciphers that would overrun a buffer. (CVE-2006-3738)\n\n Tavis Ormandy and Will Drewry of the Google Security Team discovered a\n possible DoS in the sslv2 client code. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01118771\nVersion: 1\n\nHPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-08-01\nLast Updated: 2007-08-01\n\n\nPotential Security Impact: Remote execution of arbitrary code and Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified HP System Management Homepage (SMH) for Linux and Windows. \n\nReferences: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \nA more recent version is available: System Management Homepage (SMH) version 2.1.8 \n\nHP System Management Homepage for Linux (x86) version 2.1.8-177 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26864.html \n\nHP System Management Homepage for Linux (AMD64/EM64T) version 2.1.8-177 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26866.html \n\nHP System Management Homepage for Windows version 2.1.8-179 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26977.html \n\nPRODUCT SPECIFIC INFORMATION \n\nHISTORY: \nVersion:1 (rev.1) - 1 August 2007 Initial Release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux \nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "58346"
}
],
"trust": 4.5
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0224",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-29T21:56:51.497000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2024-11-21T00:12:26.670000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200609-1512
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01118771 Version: 1
HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01 Last Updated: 2007-08-01
Potential Security Impact: Remote execution of arbitrary code and Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified HP System Management Homepage (SMH) for Linux and Windows. These vulnerabilities could by exploited remotely resulting in the execution of arbitrary code or a Denial of Service (DoS).
References: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. A more recent version is available: System Management Homepage (SMH) version 2.1.8
HP System Management Homepage for Linux (x86) version 2.1.8-177 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26864.html
HP System Management Homepage for Linux (AMD64/EM64T) version 2.1.8-177 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26866.html
HP System Management Homepage for Windows version 2.1.8-179 can be downloaded from http://h18023.www1.hp.com/support/files/server/us/download/26977.html
PRODUCT SPECIFIC INFORMATION
HISTORY: Version:1 (rev.1) - 1 August 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRrIKieAfOvwtKn1ZEQJUJACfakfLP0u32ySuj4KuXa+P2KgKODEAoIag 4otTq1h8U9Q2sa0noibOymby =jOXf -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200610-06
http://security.gentoo.org/
Severity: Normal Title: Mozilla Network Security Service (NSS): RSA signature forgery Date: October 17, 2006 Bugs: #148283 ID: 200610-06
Synopsis
NSS fails to properly validate PKCS #1 v1.5 signatures.
Background
The Mozilla Network Security Service is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/nss < 3.11.3 >= 3.11.3
Description
Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3. This impacts any software using the NSS library, like the Mozilla products Firefox, Thunderbird and Seamonkey.
Workaround
There is no known workaround at this time.
Resolution
All NSS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/nss-3.11.3"
Note: As usual after updating a library, you should run 'revdep-rebuild' (from the app-portage/gentoolkit package) to ensure that all applications linked to it are properly rebuilt.
References
[ 1 ] CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 [ 2 ] CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1512",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com\u203bVicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es\u203bAlexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01118771\nVersion: 1\n\nHPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-08-01\nLast Updated: 2007-08-01\n\n\nPotential Security Impact: Remote execution of arbitrary code and Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified HP System Management Homepage (SMH) for Linux and Windows. These vulnerabilities could by exploited remotely resulting in the execution of arbitrary code or a Denial of Service (DoS). \n\nReferences: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-4339, CVE-2006-4343\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \nA more recent version is available: System Management Homepage (SMH) version 2.1.8 \n\nHP System Management Homepage for Linux (x86) version 2.1.8-177 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26864.html \n\nHP System Management Homepage for Linux (AMD64/EM64T) version 2.1.8-177 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26866.html \n\nHP System Management Homepage for Windows version 2.1.8-179 can be downloaded from \nhttp://h18023.www1.hp.com/support/files/server/us/download/26977.html \n\nPRODUCT SPECIFIC INFORMATION \n\nHISTORY: \nVersion:1 (rev.1) - 1 August 2007 Initial Release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux \nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRrIKieAfOvwtKn1ZEQJUJACfakfLP0u32ySuj4KuXa+P2KgKODEAoIag\n4otTq1h8U9Q2sa0noibOymby\n=jOXf\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Mozilla Network Security Service (NSS): RSA signature\n forgery\n Date: October 17, 2006\n Bugs: #148283\n ID: 200610-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nNSS fails to properly validate PKCS #1 v1.5 signatures. \n\nBackground\n==========\n\nThe Mozilla Network Security Service is a library implementing security\nfeatures like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,\nS/MIME and X.509 certificates. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/nss \u003c 3.11.3 \u003e= 3.11.3\n\nDescription\n===========\n\nDaniel Bleichenbacher discovered that it might be possible to forge\nsignatures signed by RSA keys with the exponent of 3. This impacts any software using the NSS library, like the\nMozilla products Firefox, Thunderbird and Seamonkey. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll NSS users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/nss-3.11.3\"\n\nNote: As usual after updating a library, you should run\n\u0027revdep-rebuild\u0027 (from the app-portage/gentoolkit package) to ensure\nthat all applications linked to it are properly rebuilt. \n\nReferences\n==========\n\n [ 1 ] CVE-2006-4339\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n [ 2 ] CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51167",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-1512",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-06T21:20:40.512000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OOo_3.2.1_Win_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3189"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3193"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3192"
},
{
"title": "OOo_3.2.1_Linux_x86_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3191"
},
{
"title": "OOo_3.2.0_Solaris_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3195"
},
{
"title": "OOo_3.2.1_Linux_x86_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3190"
},
{
"title": "OOo_3.2.0_MacOS_x86_install_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3194"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4340"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-06.xml"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51167"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
}
}
var-200110-0353
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0353",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 5.58
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0353",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-10-10T21:04:05.052000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0349
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iEUEARECAAYFAk3C8qwACgkQ4B86/C0qfVnBqgCYtJgc2OLmG0JEGU4sCpzntC4E HACgjeWEt9Ja5qNdjhL5iwOp3JVtVic= =EvRT -----END PGP SIGNATURE----- . HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Dr S. N. Henson of Open Network Security with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20247"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEUEARECAAYFAk3C8qwACgkQ4B86/C0qfVnBqgCYtJgc2OLmG0JEGU4sCpzntC4E\nHACgjeWEt9Ja5qNdjhL5iwOp3JVtVic=\n=EvRT\n-----END PGP SIGNATURE-----\n. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 1.6
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200110-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-10-30T20:47:49.439000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20247"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20247"
}
],
"trust": 0.3
}
}
var-200609-1054
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- .
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "53566"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-23T20:10:20.076000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2024-11-21T00:12:26.670000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200009-0023
Vulnerability from variot
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. Some applications for Microsoft Windows may use unsafe methods for determining how to load DLLs. As a result, these applications can be forced to load a DLL from an attacker-controlled source rather than a trusted location. Windows Program DLL There is an attackable vulnerability in reading. Dynamic link Library (DLL) Is a software component that is loaded at run time, not at program compile time. The program is LoadLibrary() And LoadLibraryEx() Using DLL Is read. Read DLL If no path is specified, specific directories are searched in order and found first. DLL Is loaded. Since this directory group includes the current directory of the process, the directory that can be operated by the attacker is set as the current directory. LoadLibrary() If is called, attack code may be executed. This issue can occur when browsing files located in directories that an attacker can manipulate. Read DLL The name depends on the program. DLL Read Windows The entire program may be affected. " Opera Software "and" Adobe Vulnerability information on " : Mitsui Bussan Secure Direction Co., Ltd. Takashi Yoshikawa MrA remote attacker could execute arbitrary code with the authority to execute the program. Attacker crafted DLL The USB Placing it on a drive or network drive may cause an attack. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Tools package used in VMWare products does not properly access the function library. An attacker can exploit this issue by enticing a user to open a malicious file from a network share. The issue can be exploited on Windows guest operating systems Successful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects the following products: Workstation Player ACE Server Fusion ESX ESXi NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. This file could be in any file format.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities
The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA10-238A
Microsoft Windows Insecurely Loads Dynamic Libraries
Original release date: August 26, 2010 Last revised: -- Source: US-CERT
Systems Affected
Any application running on the Microsoft Windows platform that
uses dynamically linked libraries (DLLs) may be affected. Please see the Vendor Information
section of Vulnerability Note VU#707943 for information about
specific vendors. DLLs are typically loaded
when the application is first started; however DLLs may be loaded and unloaded while the application is running. An application can request a DLL file in a variety of ways, and Windows uses several different search algorithms to find DLL files. The interaction between the application and Windows can result in a DLL file being loaded from the current working directory of the application, instead of the Windows system directory or the directory where the application is installed.
The current working directory could be the desktop, a removable storage device such as a USB key, a Windows file share, or a WebDAV location. When a file associated with an application is opened, a DLL in the same directory as the file may be loaded. Although an attacker may not have permission to write to the Windows system or application directories, the attacker may be able to write a DLL to a directory used to store files, or the attacker could provide their own directory.
Attacks against this type of vulnerability have been referred to as "binary planting." Please see Vulnerability Note VU#707943 and Microsoft Security Advisory 2269637 for more information.
II. Impact
By placing a DLL with the correct name (and possibly the relative directory path) in the current working directory, an attacker could execute arbitrary code with the privileges of the application that loads the DLL.
III. Solution
Individual applications that run on the Windows platform may require patches or updates. Microsoft Knowledge Base article KB2264107 describes an update that provides a registry key that can prevent Windows from searching the current working directory for DLL files.
Information about specific solutions for different vendors, general mitigation techniques, and secure ways for applications to load DLLs can be found in the Vendor Information and Solution sections of Vulnerability Note VU#707943.
IV. References
-
Vulnerability Note VU#707943 - http://www.kb.cert.org/vuls/id/707943
-
Microsoft Security Advisory (2269637) - http://www.microsoft.com/technet/security/advisory/2269637.mspx
-
A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm - http://support.microsoft.com/kb/2264107
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA10-238A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-238A Feedback VU#707943" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2010 by US-CERT, a government organization.
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
Impact
Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information.
A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).
Workaround
There is no known workaround at this time.
Gentoo discontinued support for VMware Workstation. We recommend that users unmerge VMware Server:
# emerge --unmerge "app-emulation/vmware-server"
References
[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201209-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200009-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esxi",
"scope": "eq",
"trust": 3.0,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.5"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.4"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "ace",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "abvent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "adobe",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "atomix productions",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "autodesk",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avast antivirus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bentley",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bittorrent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bitmanagement",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conceiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "corel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyberlink",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "daemon tools",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dassault systemes",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "divx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ezb",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ecava",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fengtao",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gfi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "graphisoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gilles vollant",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guidance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "httrack",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "izarc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "inkscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "maxthon",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microchip",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netstumbler",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "norman",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nullsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pgp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pkware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pixia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "realnetworks",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sisoftware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "smart projects",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonic",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sony",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sweetscape",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "teamviewer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "techsmith",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tortoisesvn",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tracker",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "videolan",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "winmerge",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wireshark",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wolters kluwer",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "lhaforge",
"scope": "lte",
"trust": 0.8,
"vendor": "claybird",
"version": "1.5.1 and earlier"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.3"
},
{
"model": "enterprisedirectoryserver",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.4"
},
{
"model": "securebranch",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "soho xp dedicated application securebranch accessmanager ver2.2.18 before"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.4"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.2"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v8.2"
},
{
"model": "explzh",
"scope": "lte",
"trust": 0.8,
"vendor": "pon",
"version": "v.5.65 and earlier"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "9"
},
{
"model": "securebranch",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "soho vista dedicated application securebranch accessmanager ver3.0.13 before"
},
{
"model": "lunascape",
"scope": "lte",
"trust": 0.8,
"vendor": "lunascape",
"version": "6.3.0 and earlier"
},
{
"model": "securefinger",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "fingerprint authentication runtime ( c / s edition) all versions"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "client v7.1"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.5"
},
{
"model": "esmpro/serveragentservice",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "lhmelt",
"scope": "lte",
"trust": 0.8,
"vendor": "micco",
"version": "1.65.1.2 and earlier"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "download server v7.1"
},
{
"model": "esmpro/serveragent",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "client v5.3"
},
{
"model": "terapad",
"scope": "lte",
"trust": 0.8,
"vendor": "terao progress",
"version": "ver.1.00\\u3000 and earlier"
},
{
"model": "sleipnir",
"scope": "lte",
"trust": 0.8,
"vendor": "fenrir",
"version": "2.9.5 and earlier"
},
{
"model": "securefinger",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "fingerprint authentication utility ad all versions"
},
{
"model": "lhaplus",
"scope": "lte",
"trust": 0.8,
"vendor": "schezo",
"version": "1.57 and earlier"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.3"
},
{
"model": "infoframe documentskipper",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "downloader v5.3"
},
{
"model": "webotx",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "download contents v8.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "5.5.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ace",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "2.0.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "fusion",
"version": "3.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esxi",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esxi",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "2.5.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "3.0.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "esx",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.6"
},
{
"model": "fusion build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2147997"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:ace",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:esxi",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:fusion",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1141",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CVE-2010-1141",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "46c824c0-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1141",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#707943",
"trust": 0.8,
"value": "64.13"
},
{
"author": "NVD",
"id": "CVE-2010-1141",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-160",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-1141",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. Some applications for Microsoft Windows may use unsafe methods for determining how to load DLLs. As a result, these applications can be forced to load a DLL from an attacker-controlled source rather than a trusted location. Windows Program DLL There is an attackable vulnerability in reading. Dynamic link Library (DLL) Is a software component that is loaded at run time, not at program compile time. The program is LoadLibrary() And LoadLibraryEx() Using DLL Is read. Read DLL If no path is specified, specific directories are searched in order and found first. DLL Is loaded. Since this directory group includes the current directory of the process, the directory that can be operated by the attacker is set as the current directory. LoadLibrary() If is called, attack code may be executed. This issue can occur when browsing files located in directories that an attacker can manipulate. Read DLL The name depends on the program. DLL Read Windows The entire program may be affected. \" Opera Software \"and\" Adobe Vulnerability information on \" : Mitsui Bussan Secure Direction Co., Ltd. Takashi Yoshikawa MrA remote attacker could execute arbitrary code with the authority to execute the program. Attacker crafted DLL The USB Placing it on a drive or network drive may cause an attack. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Tools package used in VMWare products does not properly access the function library. \nAn attacker can exploit this issue by enticing a user to open a malicious file from a network share. The issue can be exploited on Windows guest operating systems\nSuccessful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nThis issue affects the following products:\nWorkstation\nPlayer\nACE\nServer\nFusion\nESX\nESXi\nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. This file could be in any file format. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n The VMware movie decoder contains the VMnc media codec that is\n required to play back movies recorded with VMware Workstation,\n VMware Player and VMware ACE, in any compatible media player. The\n movie decoder is installed as part of VMware Workstation, VMware\n Player and VMware ACE, or can be downloaded as a stand alone\n package. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. \n Exploitation of this issue may lead to arbitrary code execution on\n the system where VMrc is installed. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA10-238A\n\n\nMicrosoft Windows Insecurely Loads Dynamic Libraries\n\n Original release date: August 26, 2010\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n Any application running on the Microsoft Windows platform that\n uses dynamically linked libraries (DLLs) may be affected. Please see the Vendor Information\n section of Vulnerability Note VU#707943 for information about\n specific vendors. DLLs are typically loaded\n when the application is first started; however DLLs may be loaded\n and unloaded while the application is running. An application can\n request a DLL file in a variety of ways, and Windows uses several\n different search algorithms to find DLL files. The interaction\n between the application and Windows can result in a DLL file being\n loaded from the current working directory of the application,\n instead of the Windows system directory or the directory where the\n application is installed. \n\n The current working directory could be the desktop, a removable\n storage device such as a USB key, a Windows file share, or a WebDAV\n location. When a file associated with an application is opened, a\n DLL in the same directory as the file may be loaded. Although an\n attacker may not have permission to write to the Windows system or\n application directories, the attacker may be able to write a DLL to\n a directory used to store files, or the attacker could provide\n their own directory. \n\n Attacks against this type of vulnerability have been referred to as\n \"binary planting.\" Please see Vulnerability Note VU#707943 and\n Microsoft Security Advisory 2269637 for more information. \n\n\nII. Impact\n\n By placing a DLL with the correct name (and possibly the relative\n directory path) in the current working directory, an attacker could\n execute arbitrary code with the privileges of the application that\n loads the DLL. \n\n\nIII. Solution\n\n Individual applications that run on the Windows platform may\n require patches or updates. Microsoft Knowledge Base article\n KB2264107 describes an update that provides a registry key that can\n prevent Windows from searching the current working directory for\n DLL files. \n\n Information about specific solutions for different vendors, general\n mitigation techniques, and secure ways for applications to load\n DLLs can be found in the Vendor Information and Solution sections\n of Vulnerability Note VU#707943. \n\n\nIV. References\n\n * Vulnerability Note VU#707943 -\n \u003chttp://www.kb.cert.org/vuls/id/707943\u003e\n\n * Microsoft Security Advisory (2269637) -\n \u003chttp://www.microsoft.com/technet/security/advisory/2269637.mspx\u003e\n\n * A new CWDIllegalInDllSearch registry entry is available to control\n the DLL search path algorithm -\n \u003chttp://support.microsoft.com/kb/2264107\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA10-238A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA10-238A Feedback VU#707943\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2010 by US-CERT, a government organization. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/vmware-player\n \u003c= 2.5.5.328052 Vulnerable!\n 2 app-emulation/vmware-workstation\n \u003c= 6.5.5.328052 Vulnerable!\n 3 app-emulation/vmware-server\n \u003c= 1.0.9.156507 Vulnerable!\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nLocal users may be able to gain escalated privileges, cause a Denial of\nService, or gain sensitive information. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nGentoo discontinued support for VMware Workstation. We recommend that users\nunmerge VMware Server:\n\n # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[ 1 ] CVE-2007-5269\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[ 2 ] CVE-2007-5503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[ 3 ] CVE-2007-5671\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[ 4 ] CVE-2008-0967\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[ 5 ] CVE-2008-1340\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[ 6 ] CVE-2008-1361\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[ 7 ] CVE-2008-1362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[ 8 ] CVE-2008-1363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[ 9 ] CVE-2008-1364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1141"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
}
],
"trust": 4.59
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1141",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39198",
"trust": 3.1
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1023832",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1023833",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#707943",
"trust": 1.7
},
{
"db": "USCERT",
"id": "TA10-238A",
"trust": 1.7
},
{
"db": "BID",
"id": "39392",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2010-0574",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160",
"trust": 1.0
},
{
"db": "BID",
"id": "1699",
"trust": 0.8
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7C8FB0-463F-11E9-A735-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "46C824C0-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-1141",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "93209",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"id": "VAR-200009-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
}
]
},
"last_update_date": "2024-11-29T21:43:16.291000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "HT4105",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4105"
},
{
"title": "HT4105",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4105?viewlocale=ja_JP"
},
{
"title": "Opera Software\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU707943/844993/index.html"
},
{
"title": "Adobe\u304b\u3089\u306e\u60c5\u5831",
"trust": 0.8,
"url": "http://jvn.jp/vu/JVNVU707943/244523/index.html"
},
{
"title": "LhaForge",
"trust": 0.8,
"url": "http://claybird.sakura.ne.jp/garage/lhaforge/index.html"
},
{
"title": "2010.2F9.2F7_ver_6.3.1",
"trust": 0.8,
"url": "http://lunapedia.lunascape.jp/index.php?title=Lunascape6#2010.2F9.2F7_ver_6.3.1"
},
{
"title": "Another technique for Fixing DLL Preloading attacks",
"trust": 0.8,
"url": "http://blogs.msdn.com/b/david_leblanc/archive/2010/08/23/another-technique-for-fixing-dll-preloading-attacks.aspx"
},
{
"title": "More information about the DLL Preloading remote attack vector",
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"title": "Secure loading of libraries to prevent DLL preloading attacks - Guidance for Software Developers\u3000(Word \u6587\u66f8)",
"trust": 0.8,
"url": "http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-35-14-21/Secure-loading-of-libraries-to-prevent-DLL-Preloading.docx"
},
{
"title": "Dynamic-Link Library Security",
"trust": 0.8,
"url": "http://msdn.microsoft.com/ja-jp/library/ff919712%28v=VS.85%29.aspx"
},
{
"title": "2269637",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx"
},
{
"title": "Load Library Safely",
"trust": 0.8,
"url": "https://blogs.technet.microsoft.com/srd/2014/05/13/load-library-safely/"
},
{
"title": "DLL \u691c\u7d22\u30d1\u30b9\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092\u5236\u5fa1\u3059\u308b\u65b0\u3057\u3044 CWDIllegalInDllSearch \u30ec\u30b8\u30b9\u30c8\u30ea\u30a8\u30f3\u30c8\u30ea\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://support.microsoft.com/kb/2264107"
},
{
"title": "NV11-003",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv11-003.html"
},
{
"title": "Microsoft Windows \u306b\u304a\u3051\u308b DLL \u8aad\u307f\u8fbc\u307f\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.ponsoftware.com/archiver/bug.htm#load_lib"
},
{
"title": "\u691c\u7d22\u30d1\u30b9\u306e\u554f\u984c\u306b\u8d77\u56e0\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www5f.biglobe.ne.jp/~t-susumu"
},
{
"title": "MHSVI#20100824",
"trust": 0.8,
"url": "http://homepage3.nifty.com/micco/vul/2010/mhsvi20100824.htm"
},
{
"title": "sleipnirsleipnir_295",
"trust": 0.8,
"url": "http://www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html"
},
{
"title": "2269637",
"trust": 0.8,
"url": "https://www.microsoft.com/japan/technet/security/advisory/2269637.mspx"
},
{
"title": "\u65b0\u305f\u306a\u30ea\u30e2\u30fc\u30c8\u306e\u653b\u6483\u624b\u6cd5\u306b\u95a2\u3059\u308b\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea 2269637 \u3092\u516c\u958b",
"trust": 0.8,
"url": "http://blogs.technet.com/b/jpsecurity/archive/2010/08/24/3351474.aspx"
},
{
"title": "\u30e9\u30a4\u30d6\u30e9\u30ea\u3092\u5b89\u5168\u306b\u30ed\u30fc\u30c9\u3057\u3066 DLL \u306e\u30d7\u30ea\u30ed\u30fc\u30c9\u653b\u6483\u3092\u9632\u3050 - \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u958b\u767a\u8005\u5411\u3051\u30ac\u30a4\u30c0\u30f3\u30b9 (Word \u6587\u66f8)",
"trust": 0.8,
"url": "http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-35-14-74/Secure-loading-of-libraries-to-prevent-DLL-Preloading_5F00_J.docx"
},
{
"title": "TA10-238A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-238a.html"
},
{
"title": "VMSA - 2010 - 0007: VMware Managed Products, vCenter Server and ESX Multiple Security Patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/155"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/39198"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023832"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023833"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-238a.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.1,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-1-pub.txt"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7020"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/39392"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.8,
"url": "http://www.cert.org/blogs/vuls/2008/09/carpet_bombing_and_directory_p.html"
},
{
"trust": 0.8,
"url": "http://blog.mandiant.com/archives/1207"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/en-us/library/aa297182"
},
{
"trust": 0.8,
"url": "http://blog.zoller.lu/2010/08/cve-2010-xn-loadlibrarygetprocaddress.html"
},
{
"trust": 0.8,
"url": "http://msdn.microsoft.com/en-us/library/ms684175%28vs.85%29.aspx"
},
{
"trust": 0.8,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-2-pub.txt"
},
{
"trust": 0.8,
"url": "http://www.acrossecurity.com/aspr/aspr-2010-08-18-1-pub.txt"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1699/discuss"
},
{
"trust": 0.8,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.8,
"url": "http://blog.rapid7.com/?p=5325"
},
{
"trust": 0.8,
"url": "http://www.cs.ucdavis.edu/research/tech-reports/2010/cse-2010-2.pdf"
},
{
"trust": 0.8,
"url": "https://www.microsoft.com/technet/security/advisory/2269637.mspx"
},
{
"trust": 0.8,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"trust": 0.8,
"url": "http://blogs.msdn.com/b/david_leblanc/archive/2010/08/23/another-technique-for-fixing-dll-preloading-attacks.aspx"
},
{
"trust": 0.8,
"url": "http://support.microsoft.com/kb/2264107"
},
{
"trust": 0.8,
"url": "http://www.guninski.com/officedll.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-238a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-23"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1141"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/about/press/20101111.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta10-238a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu707943"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2010-23/"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/707943"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/707943\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta10-238a.html\u003e"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2264107\u003e"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#707943"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"db": "BID",
"id": "39392"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "93209"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"date": "2010-04-13T00:00:00",
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#707943"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39392"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"date": "2010-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2010-08-27T02:58:57",
"db": "PACKETSTORM",
"id": "93209"
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"date": "2010-04-12T18:30:00.663000",
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-13T00:00:00",
"db": "CERT/CC",
"id": "VU#707943"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0574"
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2010-1141"
},
{
"date": "2012-10-01T19:10:00",
"db": "BID",
"id": "39392"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001364"
},
{
"date": "2016-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001999"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-160"
},
{
"date": "2024-11-21T01:13:44.370000",
"db": "NVD",
"id": "CVE-2010-1141"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMWare Tools Package Library Reference Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
},
{
"db": "IVD",
"id": "46c824c0-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0574"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-160"
}
],
"trust": 0.6
}
}
var-200110-0343
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0343",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Tavis Ormandy and Will Drewry of the Google Security Team with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 5.94
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.4
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0343",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-10-25T20:16:12.322000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2018-10-17T21:36:13.210000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20246"
}
],
"trust": 0.3
}
}
var-200609-1252
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:207 http://www.mandriva.com/security/
Package : bind Date : November 14, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem (CVE-2006-4339). BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record types, new RSASHA1 and RSAMD5 keys need to be generated using the "-e" option of dnssec-keygen, if the current keys were generated using the default exponent of 3.
You are able to determine if your keys are vulnerable by looking at the algorithm (1 or 5) and the first three characters of the Base64 encoded RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start with "AQM", "AQN", "AQO", or "AQP" are vulnerable.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445
Updated Packages:
Mandriva Linux 2006.0: 1035f92172986ed63ca035de0603a0fd 2006.0/i586/bind-9.3.1-4.2.20060mdk.i586.rpm 4f5949d85f13c68220f4f5f030f63849 2006.0/i586/bind-devel-9.3.1-4.2.20060mdk.i586.rpm f201e05548b673268038e95225451085 2006.0/i586/bind-utils-9.3.1-4.2.20060mdk.i586.rpm 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 83b6c31bef9e4df229e2fe5cf8c3aa2a 2006.0/x86_64/bind-9.3.1-4.2.20060mdk.x86_64.rpm fb03e9a493645041816c206267a052f4 2006.0/x86_64/bind-devel-9.3.1-4.2.20060mdk.x86_64.rpm f54babadfba3ec593563724208df1eaa 2006.0/x86_64/bind-utils-9.3.1-4.2.20060mdk.x86_64.rpm 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm
Mandriva Linux 2007.0: 6c282a7b5c3cfec534e2557926005bbf 2007.0/i586/bind-9.3.2-8.1mdv2007.0.i586.rpm 03390448f140777d62cdd76e50361526 2007.0/i586/bind-devel-9.3.2-8.1mdv2007.0.i586.rpm 7546dc98ff5e8061636a3a75d6b318fb 2007.0/i586/bind-utils-9.3.2-8.1mdv2007.0.i586.rpm 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: c190d522505a16aa97891f525e0034a4 2007.0/x86_64/bind-9.3.2-8.1mdv2007.0.x86_64.rpm 594cacdac86db81b0c62a7380c6a3a2d 2007.0/x86_64/bind-devel-9.3.2-8.1mdv2007.0.x86_64.rpm e827e65717615868896e43bcb4856f2d 2007.0/x86_64/bind-utils-9.3.2-8.1mdv2007.0.x86_64.rpm 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm
Corporate 3.0: fa096b2fac1840797e382ba61728d47e corporate/3.0/i586/bind-9.2.3-6.2.C30mdk.i586.rpm 0f1e56f1f3a2689443c04b52d8ce5545 corporate/3.0/i586/bind-devel-9.2.3-6.2.C30mdk.i586.rpm 99bf1f4127e97b8941b597aa5e19aa0a corporate/3.0/i586/bind-utils-9.2.3-6.2.C30mdk.i586.rpm 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm
Corporate 3.0/X86_64: e74bea44aee406d11c87227584790c26 corporate/3.0/x86_64/bind-9.2.3-6.2.C30mdk.x86_64.rpm b108edf227b55f3af3ab55b48c23a62a corporate/3.0/x86_64/bind-devel-9.2.3-6.2.C30mdk.x86_64.rpm ba548cbba992f479ad40ecf0808f36cb corporate/3.0/x86_64/bind-utils-9.2.3-6.2.C30mdk.x86_64.rpm 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm
Corporate 4.0: 8bfc97510d4f07568d64c9b9872b4bba corporate/4.0/i586/bind-9.3.2-7.1.20060mlcs4.i586.rpm dda709703f8bf05f1ff59ae6132a81a7 corporate/4.0/i586/bind-devel-9.3.2-7.1.20060mlcs4.i586.rpm daf59d23abaaaf62c990d2fa1155688c corporate/4.0/i586/bind-utils-9.3.2-7.1.20060mlcs4.i586.rpm ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 3d1bbe1e7d4f2de6e546996e181a16b0 corporate/4.0/x86_64/bind-9.3.2-7.1.20060mlcs4.x86_64.rpm c1b8467d62623ef5daf35a696ab2389e corporate/4.0/x86_64/bind-devel-9.3.2-7.1.20060mlcs4.x86_64.rpm 83cf57110f107c450aaac5931ee52ecb corporate/4.0/x86_64/bind-utils-9.3.2-7.1.20060mlcs4.x86_64.rpm ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm
Multi Network Firewall 2.0: abd228e7f0b762ae8c11c8ecd90200c2 mnf/2.0/i586/bind-9.2.3-6.2.M20mdk.i586.rpm dd7b0785e31880a09d10957695c0552d mnf/2.0/i586/bind-devel-9.2.3-6.2.M20mdk.i586.rpm 0a2052e5f263b8b8d94111a581928c57 mnf/2.0/i586/bind-utils-9.2.3-6.2.M20mdk.i586.rpm eff2c78779b4285783ffea14e6e33c31 mnf/2.0/SRPMS/bind-9.2.3-6.2.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFWlnDmqjQ0CJFipgRAvl+AKCd5q51CkdHf1UnUJ4imb9Fzl5mZQCfaW5Z 6faoicEmIFqGW4QuEVIhCbU= =bI0u -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1252",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com\u203bVicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es\u203bAlexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:207\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : bind\n Date : November 14, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n The BIND DNS server is vulnerable to the recently-discovered OpenSSL\n RSA signature verification problem (CVE-2006-4339). BIND uses RSA\n cryptography as part of its DNSSEC implementation. As a result, to\n resolve the security issue, these packages need to be upgraded and for\n both KEY and DNSKEY record types, new RSASHA1 and RSAMD5 keys need to\n be generated using the \"-e\" option of dnssec-keygen, if the current\n keys were generated using the default exponent of 3. \n\n You are able to determine if your keys are vulnerable by looking at the\n algorithm (1 or 5) and the first three characters of the Base64 encoded\n RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start with \"AQM\", \"AQN\",\n \"AQO\", or \"AQP\" are vulnerable. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 1035f92172986ed63ca035de0603a0fd 2006.0/i586/bind-9.3.1-4.2.20060mdk.i586.rpm\n 4f5949d85f13c68220f4f5f030f63849 2006.0/i586/bind-devel-9.3.1-4.2.20060mdk.i586.rpm\n f201e05548b673268038e95225451085 2006.0/i586/bind-utils-9.3.1-4.2.20060mdk.i586.rpm \n 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 83b6c31bef9e4df229e2fe5cf8c3aa2a 2006.0/x86_64/bind-9.3.1-4.2.20060mdk.x86_64.rpm\n fb03e9a493645041816c206267a052f4 2006.0/x86_64/bind-devel-9.3.1-4.2.20060mdk.x86_64.rpm\n f54babadfba3ec593563724208df1eaa 2006.0/x86_64/bind-utils-9.3.1-4.2.20060mdk.x86_64.rpm \n 4f57cbdc960171c439223f5c20952460 2006.0/SRPMS/bind-9.3.1-4.2.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 6c282a7b5c3cfec534e2557926005bbf 2007.0/i586/bind-9.3.2-8.1mdv2007.0.i586.rpm\n 03390448f140777d62cdd76e50361526 2007.0/i586/bind-devel-9.3.2-8.1mdv2007.0.i586.rpm\n 7546dc98ff5e8061636a3a75d6b318fb 2007.0/i586/bind-utils-9.3.2-8.1mdv2007.0.i586.rpm \n 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n c190d522505a16aa97891f525e0034a4 2007.0/x86_64/bind-9.3.2-8.1mdv2007.0.x86_64.rpm\n 594cacdac86db81b0c62a7380c6a3a2d 2007.0/x86_64/bind-devel-9.3.2-8.1mdv2007.0.x86_64.rpm\n e827e65717615868896e43bcb4856f2d 2007.0/x86_64/bind-utils-9.3.2-8.1mdv2007.0.x86_64.rpm \n 8be8a7d591971e760d1251bd75f97a6c 2007.0/SRPMS/bind-9.3.2-8.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n fa096b2fac1840797e382ba61728d47e corporate/3.0/i586/bind-9.2.3-6.2.C30mdk.i586.rpm\n 0f1e56f1f3a2689443c04b52d8ce5545 corporate/3.0/i586/bind-devel-9.2.3-6.2.C30mdk.i586.rpm\n 99bf1f4127e97b8941b597aa5e19aa0a corporate/3.0/i586/bind-utils-9.2.3-6.2.C30mdk.i586.rpm \n 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n e74bea44aee406d11c87227584790c26 corporate/3.0/x86_64/bind-9.2.3-6.2.C30mdk.x86_64.rpm\n b108edf227b55f3af3ab55b48c23a62a corporate/3.0/x86_64/bind-devel-9.2.3-6.2.C30mdk.x86_64.rpm\n ba548cbba992f479ad40ecf0808f36cb corporate/3.0/x86_64/bind-utils-9.2.3-6.2.C30mdk.x86_64.rpm \n 2b49bd9c7edf8bd81b297260b54de32d corporate/3.0/SRPMS/bind-9.2.3-6.2.C30mdk.src.rpm\n\n Corporate 4.0:\n 8bfc97510d4f07568d64c9b9872b4bba corporate/4.0/i586/bind-9.3.2-7.1.20060mlcs4.i586.rpm\n dda709703f8bf05f1ff59ae6132a81a7 corporate/4.0/i586/bind-devel-9.3.2-7.1.20060mlcs4.i586.rpm\n daf59d23abaaaf62c990d2fa1155688c corporate/4.0/i586/bind-utils-9.3.2-7.1.20060mlcs4.i586.rpm \n ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 3d1bbe1e7d4f2de6e546996e181a16b0 corporate/4.0/x86_64/bind-9.3.2-7.1.20060mlcs4.x86_64.rpm\n c1b8467d62623ef5daf35a696ab2389e corporate/4.0/x86_64/bind-devel-9.3.2-7.1.20060mlcs4.x86_64.rpm\n 83cf57110f107c450aaac5931ee52ecb corporate/4.0/x86_64/bind-utils-9.3.2-7.1.20060mlcs4.x86_64.rpm \n ccfd1d4d79b168ab5f7998e51c305a26 corporate/4.0/SRPMS/bind-9.3.2-7.1.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n abd228e7f0b762ae8c11c8ecd90200c2 mnf/2.0/i586/bind-9.2.3-6.2.M20mdk.i586.rpm\n dd7b0785e31880a09d10957695c0552d mnf/2.0/i586/bind-devel-9.2.3-6.2.M20mdk.i586.rpm\n 0a2052e5f263b8b8d94111a581928c57 mnf/2.0/i586/bind-utils-9.2.3-6.2.M20mdk.i586.rpm \n eff2c78779b4285783ffea14e6e33c31 mnf/2.0/SRPMS/bind-9.2.3-6.2.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFWlnDmqjQ0CJFipgRAvl+AKCd5q51CkdHf1UnUJ4imb9Fzl5mZQCfaW5Z\n6faoicEmIFqGW4QuEVIhCbU=\n=bI0u\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "52186",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-1252",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2024-10-15T00:08:56.305000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OOo_3.2.1_Win_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3189"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3193"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3192"
},
{
"title": "OOo_3.2.1_Linux_x86_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3191"
},
{
"title": "OOo_3.2.0_Solaris_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3195"
},
{
"title": "OOo_3.2.1_Linux_x86_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3190"
},
{
"title": "OOo_3.2.0_MacOS_x86_install_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3194"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "52186"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-11-16T16:32:32",
"db": "PACKETSTORM",
"id": "52186"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
}
}
var-200609-1261
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
(CVE-2006-4343) The get_server_hello function in the SSLv2 client
code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and
earlier versions allows remote servers to cause a denial of service
(client crash) via unknown vectors that trigger a null pointer
dereference.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
(CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
allows remote attackers to cause a denial of service (crash), and
possibly execute arbitrary code if GSSAPI authentication is enabled,
via unspecified vectors that lead to a double-free.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings. Python applications
using this function can open a security vulnerability that could
allow the execution of arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. Three of the vulnerabilities are denials of service, but the other is a buffer overflow that is expected to create remote unauthorized access vulnerabilities in other applications. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 0.9.8d >= 0.9.8d *>= 0.9.7l
Description
Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key.
Impact
An attacker could trigger the buffer overflow vulnerability by sending a malicious suite of ciphers to an application using the vulnerable function, and thus execute arbitrary code with the rights of the user running the application. An attacker could also consume CPU and/or memory by exploiting the Denial of Service vulnerabilities. Finally a malicious server could crash a SSLv2 client through the SSLv2 vulnerability.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1261",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n (CVE-2006-4343) The get_server_hello function in the SSLv2 client\n code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial of service\n (client crash) via unknown vectors that trigger a null pointer\n dereference. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n allows remote attackers to cause a denial of service (crash), and\n possibly execute arbitrary code if GSSAPI authentication is enabled,\n via unspecified vectors that lead to a double-free. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. Python applications\n using this function can open a security vulnerability that could\n allow the execution of arbitrary code. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. Three of the vulnerabilities are denials of service,\n but the other is a buffer overflow that is expected to create\n remote unauthorized access vulnerabilities in other applications. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 0.9.8d \u003e= 0.9.8d\n *\u003e= 0.9.7l\n\nDescription\n===========\n\nTavis Ormandy and Will Drewry, both of the Google Security Team,\ndiscovered that the SSL_get_shared_ciphers() function contains a buffer\noverflow vulnerability, and that the SSLv2 client code contains a flaw\nleading to a crash. Additionally Dr. Stephen N. Henson found that the\nASN.1 handler contains two Denial of Service vulnerabilities: while\nparsing an invalid ASN.1 structure and while handling certain types of\npublic key. \n\nImpact\n======\n\nAn attacker could trigger the buffer overflow vulnerability by sending\na malicious suite of ciphers to an application using the vulnerable\nfunction, and thus execute arbitrary code with the rights of the user\nrunning the application. An attacker could also consume CPU and/or\nmemory by exploiting the Denial of Service vulnerabilities. Finally a\nmalicious server could crash a SSLv2 client through the SSLv2\nvulnerability. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200609-1261",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-08-20T20:07:22.941000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
var-201004-0997
Vulnerability from variot
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors.". VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Media Decoder contains a VMnc media codec for playing movies recorded by VMware Workstation, VMware Player, and VMware ACE. The vmnc.dll library has two integer truncation errors when processing HexTile encoded video blocks. Multiple VMware products are prone to multiple heap-based buffer-overflow vulnerabilities. An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
This vulnerability is present only on Windows Guest Operating
Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any not affected
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x any 2.5.4 build 246459 or later
ACE 2.6.x Windows not affected
ACE 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any 2.0.2 build 203138 or later
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.6 build 246742 or later
ESXi 4.0 ESXi ESXi400-201002402-BG
ESXi 3.5 ESXi ESXe350-200912401-T-BG or later
ESX 4.0 ESX ESX400-201002401-BG
ESX 3.5 ESX ESX350-200912401-BG
ESX 3.0.3 ESX ESX303-201002203-UG
ESX 2.5.5 ESX Upgrade Patch 15
b. This vulnerability is present only on Windows Guest Operating Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x any 2.5.4 build 246459 or later
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion any any Mac OS/X not affected
ESXi any ESXi not applicable
ESX any ESX not applicable
e.
Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. VMware Remote Console format string vulnerability
VMware Remote Console (VMrc) contains a format string vulnerability.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.x Linux not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x Windows not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any any not affected
ESX any any not affected
h. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
i. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
For more information see vulnerabilities #3 through #7 in: SA39206
SOLUTION: Restrict local access to trusted users only. Do not open untrusted images or video files. ======================================================================
Secunia Research 09/04/2010
- VMWare VMnc Codec HexTile Encoding -
- Two Integer Truncation Vulnerabilities -
====================================================================== Table of Contents
Affected Software....................................................1 Severity.............................................................2 Vendor's Description of Software.....................................3 Description of Vulnerability.........................................4 Solution.............................................................5 Time Table...........................................................6 Credits..............................................................7 References...........................................................8 About Secunia........................................................9 Verification........................................................10
====================================================================== 1) Affected Software
- VMWare Workstation version 6.5.3 build 185404.
NOTE: Other products and versions may also be affected.
====================================================================== 2) Severity
Rating: Highly critical Impact: System access Where: Remote
====================================================================== 3) Vendor's Description of Software
"VMware Workstation makes it simple to create and run multiple virtual machines on your desktop or laptop computer.
====================================================================== 6) Time Table
14/09/2009 - Vendor notified. 14/09/2009 - Vendor response. 09/04/2010 - Public disclosure.
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-37/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
====================================================================== . ----------------------------------------------------------------------
Secunia CSI + Microsoft SCCM
= Extensive Patch Management
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
TITLE: VMware Products Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA39206
VERIFY ADVISORY: http://secunia.com/advisories/39206/
DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.
NOTE: This vulnerability cannot be exploited without administrative privileges on recent Windows versions (e.g. Windows XP and Windows Vista).
3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.
For more information: SA35346
4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.
For more information: SA36712
5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.
For more information: SA39203
7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.
For more information: SA39201
SOLUTION: Update to a fixed version.
PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research
The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner
ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/
OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/
SA36712: http://secunia.com/advisories/36712/
SA36988: http://secunia.com/advisories/36988/
SA39198: http://secunia.com/advisories/39198/
SA39201: http://secunia.com/advisories/39201/
SA39203: http://secunia.com/advisories/39203/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0997",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "movie decoder",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "movie decoder",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"db": "BID",
"id": "39364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:movie_decoder",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "PACKETSTORM",
"id": "88218"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
}
],
"trust": 0.7
},
"cve": "CVE-2009-1565",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-1565",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1565",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1565",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-154",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2009-1565",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to \"integer truncation errors.\". VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Media Decoder contains a VMnc media codec for playing movies recorded by VMware Workstation, VMware Player, and VMware ACE. The vmnc.dll library has two integer truncation errors when processing HexTile encoded video blocks. Multiple VMware products are prone to multiple heap-based buffer-overflow vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. \n This vulnerability is present only on Windows Guest Operating\n Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to lure the user that is logged on a Windows Guest\n Operating System to click on the attacker\u0027s file on a network\n share. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any not affected\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x any 2.5.4 build 246459 or later\n\n ACE 2.6.x Windows not affected\n ACE 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any 2.0.2 build 203138 or later\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.6 build 246742 or later\n\n ESXi 4.0 ESXi ESXi400-201002402-BG\n ESXi 3.5 ESXi ESXe350-200912401-T-BG or later\n\n ESX 4.0 ESX ESX400-201002401-BG\n ESX 3.5 ESX ESX350-200912401-BG\n ESX 3.0.3 ESX ESX303-201002203-UG\n ESX 2.5.5 ESX Upgrade Patch 15\n\n b. This\n vulnerability is present only on Windows Guest Operating Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not applicable\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x any 2.5.4 build 246459 or later\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion any any Mac OS/X not affected\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n e. \n\n Vulnerabilities in the decoder allow for execution of arbitrary\n code with the privileges of the user running an application\n utilizing the vulnerable codec. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. VMware Remote Console format string vulnerability\n\n VMware Remote Console (VMrc) contains a format string vulnerability. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.x Linux not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x Windows not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any any not affected\n\n ESX any any not affected\n\n h. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n i. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nFor more information see vulnerabilities #3 through #7 in:\nSA39206\n\nSOLUTION:\nRestrict local access to trusted users only. Do not open untrusted\nimages or video files. ====================================================================== \n\n Secunia Research 09/04/2010\n\n - VMWare VMnc Codec HexTile Encoding - \n - Two Integer Truncation Vulnerabilities -\n\n====================================================================== \nTable of Contents\n\nAffected Software....................................................1\nSeverity.............................................................2\nVendor\u0027s Description of Software.....................................3\nDescription of Vulnerability.........................................4\nSolution.............................................................5\nTime Table...........................................................6\nCredits..............................................................7\nReferences...........................................................8\nAbout Secunia........................................................9\nVerification........................................................10\n\n====================================================================== \n1) Affected Software \n\n* VMWare Workstation version 6.5.3 build 185404. \n\nNOTE: Other products and versions may also be affected. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System access\nWhere: Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"VMware Workstation makes it simple to create and run multiple virtual\nmachines on your desktop or laptop computer. \n\n====================================================================== \n6) Time Table \n\n14/09/2009 - Vendor notified. \n14/09/2009 - Vendor response. \n09/04/2010 - Public disclosure. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2009-37/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n. ----------------------------------------------------------------------\n\n\n Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. \n\nNOTE: This vulnerability cannot be exploited without administrative\nprivileges on recent Windows versions (e.g. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39203\n\n7) A format string error in \"vmrun\" can be exploited to potentially\ngain escalated privileges. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1565"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"db": "BID",
"id": "39364"
},
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88218"
},
{
"db": "PACKETSTORM",
"id": "88237"
},
{
"db": "PACKETSTORM",
"id": "88233"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1565",
"trust": 4.0
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "39215",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "36712",
"trust": 2.6
},
{
"db": "BID",
"id": "39364",
"trust": 2.2
},
{
"db": "OSVDB",
"id": "63615",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1023838",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0566",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14789\u203b14788",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7E3D60-463F-11E9-AE54-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "4686A4AA-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2009-1565",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88234",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88218",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88237",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88233",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"db": "BID",
"id": "39364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88218"
},
{
"db": "PACKETSTORM",
"id": "88237"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"id": "VAR-201004-0997",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0566"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0566"
}
]
},
"last_update_date": "2024-11-23T19:59:26.556000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/163"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36712"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39215"
},
{
"trust": 2.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39364"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023838"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.1,
"url": "http://www.osvdb.org/63615"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1565"
},
{
"trust": 0.8,
"url": "http://osvdb.org/63615"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14789\u203b14788"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/39206/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/36712/"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39215/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/mailing_lists/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/products/ws/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36988/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39201/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39203/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/39198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35346/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"db": "BID",
"id": "39364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88218"
},
{
"db": "PACKETSTORM",
"id": "88237"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"db": "BID",
"id": "39364"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88234"
},
{
"db": "PACKETSTORM",
"id": "88218"
},
{
"db": "PACKETSTORM",
"id": "88237"
},
{
"db": "PACKETSTORM",
"id": "88233"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-12T00:00:00",
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"date": "2010-04-12T00:00:00",
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39364"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2010-04-12T12:34:16",
"db": "PACKETSTORM",
"id": "88234"
},
{
"date": "2010-04-10T03:25:29",
"db": "PACKETSTORM",
"id": "88218"
},
{
"date": "2010-04-12T12:34:24",
"db": "PACKETSTORM",
"id": "88237"
},
{
"date": "2010-04-12T12:34:14",
"db": "PACKETSTORM",
"id": "88233"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"date": "2010-04-12T18:30:00.383000",
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0566"
},
{
"date": "2010-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1565"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39364"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001370"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-154"
},
{
"date": "2024-11-21T01:02:47.447000",
"db": "NVD",
"id": "CVE-2009-1565"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMnc Vulnerability to execute arbitrary code in media codec and movie decoder",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001370"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "7d7e3d60-463f-11e9-ae54-000c29342cb1"
},
{
"db": "IVD",
"id": "4686a4aa-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-154"
}
],
"trust": 1.0
}
}
var-200609-1445
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 0.9.8d >= 0.9.8d *>= 0.9.7l
Description
Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1445",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 0.9.8d \u003e= 0.9.8d\n *\u003e= 0.9.7l\n\nDescription\n===========\n\nTavis Ormandy and Will Drewry, both of the Google Security Team,\ndiscovered that the SSL_get_shared_ciphers() function contains a buffer\noverflow vulnerability, and that the SSLv2 client code contains a flaw\nleading to a crash. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "56053"
}
],
"trust": 5.04
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1445",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-02T21:35:49.667000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-201006-0260
Vulnerability from variot
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.
Background
libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.4.3 >= 1.4.3
Description
Multiple vulnerabilities were found in libpng:
-
The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)
-
A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)
-
A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
References
[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201010-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.44-1
We recommend that you upgrade your libpng package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.
b. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later
Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later
Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-960-1 July 08, 2010 libpng vulnerabilities CVE-2010-1205, CVE-2010-2249 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.6
Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.3
Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.2
Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.2
Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.1
After a standard system update you need to reboot your computer to make all the necessary changes.
Details follow:
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-2249)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz
Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc
Size/MD5: 661 92722fa973e92a99f982fe05b5826adf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb
Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb
Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb
Size/MD5: 66946 501acb21d567d62608904e4272ff842d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb
Size/MD5: 66458 24e918a95770150b4df72530bd6de095
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb
Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz
Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc
Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb
Size/MD5: 940 7344fa4e61880636b014525f6e6482a1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb
Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 188782 51354007cca0796218e3aaeba6142c41
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb
Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 172962 b16b496d6553fbf28523147617011b95
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb
Size/MD5: 70020 61f5d75c4435333ef586677a07d49915
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb
Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb
Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz
Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc
Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb
Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb
Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb
Size/MD5: 71102 c18134055d747d066b60218b69e99d45
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb
Size/MD5: 71488 5179307ffe74c10515e61503e647606f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 248872 a34333b123f4d12e7872868111942cbd
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb
Size/MD5: 71674 f742f2771d94ca29746906c1177d657d
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb
Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz
Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc
Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb
Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb
Size/MD5: 73938 15bb328beed6ab3287967c54e4177018
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb
Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb
Size/MD5: 71066 0495b247d489438259937bee1f17761f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb
Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb
Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2
Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc
Size/MD5: 1299 dae31f78418d5db8c3476d7562859658
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2
Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb
Size/MD5: 926 602d7036448637b45c1eacbc31e05640
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb
Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb
Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb
Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb
Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 175214 142020dfd126d2335bc93bad6a714799
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047
. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Updated Packages:
Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX KlOM1C8b0XVNVFF83vXPz9A= =E10C -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201006-0260",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "11"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.1,
"vendor": "apple",
"version": "10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.5"
},
{
"model": "player",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "2.5.5"
},
{
"model": "player",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "3.1.2"
},
{
"model": "workstation",
"scope": "lt",
"trust": 1.0,
"vendor": "vmware",
"version": "7.1.2"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.0"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "safari",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "workstation",
"scope": "gte",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.42"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.33"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.32"
},
{
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.2.44"
},
{
"model": "libpng",
"scope": "lt",
"trust": 0.8,
"vendor": "png group",
"version": "1.4.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.1.x"
},
{
"model": "server",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "7.1.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(2nd generation) 4.0 software"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.0 to 4.1 (iphone 3g after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "2.1 to 4.1 (ipod touch (2nd generation) after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 to 3.2.2 (ipad for )"
},
{
"model": "ipad",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "iphone",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "ipod touch",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "safari",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.40"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.41"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.29"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.30"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.3"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.25"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.7"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.4"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1.2301548"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.3"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9156507"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.18"
},
{
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "tv",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "linux enterprise sdk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.5"
},
{
"model": "coat systems proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.1"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.15"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.7"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.11"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "safari for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "ir",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.13"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10203137"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.12"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.2"
},
{
"model": "in motion blackberry enterprise server for exchange mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1.2301548"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10"
},
{
"model": "in motion blackberry enterprise server for novell groupwise",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "4.1.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "in motion blackberry enterprise server for domino mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.3"
},
{
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "0.90"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.6.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8126538"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.24"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.43"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.9"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.44"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.9"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7108231"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.3"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.17"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "safari beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "intuity audix r5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "in motion blackberry enterprise server for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.3"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.1.1"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.5"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.17"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "coat systems proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "blue",
"version": "3.4.1.0"
},
{
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.3"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "in motion blackberry enterprise server for exchange mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.52"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "in motion blackberry enterprise server for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "intuity lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.691891"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5.8"
},
{
"model": "in motion blackberry enterprise server express for exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "in motion blackberry enterprise server for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.11"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.2"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.5"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "in motion blackberry enterprise server express for domino mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.16"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.13"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.10"
},
{
"model": "in motion blackberry enterprise server for novell groupwise mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "research",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
}
],
"sources": [
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipad",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:iphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:apple:ipod_touch",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Greg Roelofs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.6
},
"cve": "CVE-2010-2249",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-2249",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-2249",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-44854",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2010-2249",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-2249",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2010-2249",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201006-491",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-44854",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-2249",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The \u0027libpng\u0027 library is prone to multiple vulnerabilities. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. \nThese issues affect versions prior to \u0027libpng\u0027 1.4.3 and 1.2.44. \n\nBackground\n==========\n\nlibpng is a standard library used to process PNG (Portable Network\nGraphics) images. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.4.3 \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n [ 1 ] CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n [ 2 ] CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n [ 3 ] CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.44-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc\n Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz\n Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb\n Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb\n Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb\n Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb\n Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb\n Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb\n Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb\n Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb\n Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb\n Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb\n Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb\n Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb\n Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb\n Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed\n\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-960-1 July 08, 2010\nlibpng vulnerabilities\nCVE-2010-1205, CVE-2010-2249\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.6\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.3\n\nUbuntu 9.04:\n libpng12-0 1.2.27-2ubuntu2.2\n\nUbuntu 9.10:\n libpng12-0 1.2.37-1ubuntu0.2\n\nUbuntu 10.04 LTS:\n libpng12-0 1.2.42-1ubuntu2.1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program. \n(CVE-2010-1205)\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into processing a\ncrafted PNG image, an attacker could possibly use this flaw to consume all\navailable resources, resulting in a denial of service. (CVE-2010-2249)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz\n Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc\n Size/MD5: 661 92722fa973e92a99f982fe05b5826adf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb\n Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb\n Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb\n Size/MD5: 66946 501acb21d567d62608904e4272ff842d\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb\n Size/MD5: 66458 24e918a95770150b4df72530bd6de095\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb\n Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz\n Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc\n Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb\n Size/MD5: 940 7344fa4e61880636b014525f6e6482a1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb\n Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 188782 51354007cca0796218e3aaeba6142c41\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb\n Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 172962 b16b496d6553fbf28523147617011b95\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb\n Size/MD5: 70020 61f5d75c4435333ef586677a07d49915\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb\n Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb\n Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz\n Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc\n Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb\n Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb\n Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb\n Size/MD5: 71102 c18134055d747d066b60218b69e99d45\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb\n Size/MD5: 71488 5179307ffe74c10515e61503e647606f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 248872 a34333b123f4d12e7872868111942cbd\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb\n Size/MD5: 71674 f742f2771d94ca29746906c1177d657d\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb\n Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz\n Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc\n Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb\n Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb\n Size/MD5: 73938 15bb328beed6ab3287967c54e4177018\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb\n Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb\n Size/MD5: 71066 0495b247d489438259937bee1f17761f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb\n Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb\n Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2\n Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc\n Size/MD5: 1299 dae31f78418d5db8c3476d7562859658\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2\n Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb\n Size/MD5: 926 602d7036448637b45c1eacbc31e05640\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb\n Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb\n Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb\n Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb\n Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 175214 142020dfd126d2335bc93bad6a714799\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047\n\n\n\n. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is\n therefore also being provided with this advisory. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX\nKlOM1C8b0XVNVFF83vXPz9A=\n=E10C\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2249"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2249",
"trust": 3.4
},
{
"db": "BID",
"id": "41174",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "40302",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-1612",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "40472",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42317",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40547",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "42314",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "40336",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1837",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1755",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3046",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1877",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1637",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-3045",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1846",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1024723",
"trust": 1.7
},
{
"db": "XF",
"id": "59816",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-44854",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1837",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3046",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/3045",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1612",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/2491",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1637",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1846",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1877",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1755",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-2249",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94522",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91973",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91619",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "91878",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"id": "VAR-201006-0260",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T21:56:17.677000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4456",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4456?viewlocale=ja_JP"
},
{
"title": "HT4457",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4457?viewlocale=ja_JP"
},
{
"title": "HT4554",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
},
{
"title": "HT4566",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "libpng-1.2.10-7.1.3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"title": "libpng-1.2.44-README",
"trust": 0.8,
"url": "http://www.libpng.org/pub/png/src/libpng-1.2.44-README.txt"
},
{
"title": "2078",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
},
{
"title": "2079",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
},
{
"title": "RHSA-2010:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html"
},
{
"title": "multiple_vulnerabilities_in_libpng",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
},
{
"title": "VMSA-2010-0014",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"title": "libpng-1.4.1.tar.xz",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216"
},
{
"title": "libpng-1.4.1.tar.gz",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=215"
},
{
"title": "linpng_txt.zip",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219"
},
{
"title": "libpng-1.4.1.tar.bz2",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=214"
},
{
"title": "lpng141.zip",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218"
},
{
"title": "lpng141.7z",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=217"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1"
},
{
"title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285"
},
{
"title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/41174"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/40302"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"trust": 2.1,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1024723"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40336"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40472"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/40547"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42314"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/42317"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-960-1"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4456"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4457"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4554"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4566"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
},
{
"trust": 1.7,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/59816"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu935740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2249"
},
{
"trust": 0.7,
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2010-2249"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/errata/rhsa-2010:0534"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
},
{
"trust": 0.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa65"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100092842"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100093925"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100108439"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100148396"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587670"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/960-1/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22585"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-44854"
},
{
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"db": "BID",
"id": "41174"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "91973"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "91619"
},
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-44854"
},
{
"date": "2010-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"date": "2010-06-25T00:00:00",
"db": "BID",
"id": "41174"
},
{
"date": "2010-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"date": "2010-10-05T22:16:57",
"db": "PACKETSTORM",
"id": "94522"
},
{
"date": "2010-07-20T00:53:34",
"db": "PACKETSTORM",
"id": "91973"
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244"
},
{
"date": "2010-07-08T21:03:46",
"db": "PACKETSTORM",
"id": "91619"
},
{
"date": "2010-07-16T04:34:46",
"db": "PACKETSTORM",
"id": "91878"
},
{
"date": "2010-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"date": "2010-06-30T18:30:01.847000",
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-44854"
},
{
"date": "2020-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2010-2249"
},
{
"date": "2015-04-13T21:46:00",
"db": "BID",
"id": "41174"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001805"
},
{
"date": "2023-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201006-491"
},
{
"date": "2024-11-21T01:16:14.217000",
"db": "NVD",
"id": "CVE-2010-2249"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "91878"
},
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng include pngrutil.c Memory leak vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001805"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201006-491"
}
],
"trust": 0.6
}
}
var-200609-0959
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1174-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans September 11th, 2006 http://www.debian.org/security/faq
Package : openssl096 Problem-Type : local Vulnerability : cryptographic weakness Debian-specific: no CVE ID : CVE-2006-4339 BugTraq ID : 19849 Debian Bug : 386247
Daniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.
For the stable distribution (sarge) this problem has been fixed in version 0.9.6m-1sarge2
This package exists only for compatibility with older software, and is not present in the unstable or testing branches of Debian.
We recommend that you upgrade your openssl packages. Note that services linking against the openssl shared libraries will need to be restarted. Common examples of such services include most Mail Transport Agents, SSH servers, and web servers.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc
Size/MD5 checksum: 617 018a88ab90403cb04c62fb3e30b74447
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz
Size/MD5 checksum: 19110 ebf3d65348f1a0e2b09543b02f1752ff
http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz
Size/MD5 checksum: 2184918 1b63bfdca1c37837dddde9f1623498f9
Alpha architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb
Size/MD5 checksum: 1965098 f321c9d2831643d65718730f8ff81f16
AMD64 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb
Size/MD5 checksum: 578014 b47b9fb2acd8c6e22aac6812c7ad4dda
ARM architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb
Size/MD5 checksum: 518746 29a69a8d997445d4ae2a53c337678cc6
HP Precision architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb
Size/MD5 checksum: 587368 4291ac3835b28ae9acf555ec90242d26
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb
Size/MD5 checksum: 1755640 d9fb8d8383c96d0d4ebe4af8cb5e9a3a
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb
Size/MD5 checksum: 814966 1a366b00181bba9bd04b2312f4ae8f42
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb
Size/MD5 checksum: 476722 2002d9eeb9b36d329855042466c9dfc1
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb
Size/MD5 checksum: 576764 2001e7d3f5d72e0328b8d46f83bb0b4d
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb
Size/MD5 checksum: 568756 3b25b7c66ff42626c8f458be9485f9bb
PowerPC architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb
Size/MD5 checksum: 582402 e677ab4fd68d34affff58a9c7d2cd823
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb
Size/MD5 checksum: 602334 674b58c6811c7e60ad2bb53ec7c1bcdc
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb
Size/MD5 checksum: 1458574 d9ab5370d48647780172587e58682297
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFBZeQXm3vHE4uyloRAluzAJ4s1+vl2IB2cXZjMfyZxmydcMkkigCggOhK LtlmIJe5HFZS6aWhcCCZuG8= =C3Tf -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0959",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sun microsystems",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4339",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4339",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#594904",
"trust": 0.8,
"value": "0.63"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. The NSS libraries used in the Sun One Application Server and the Sun Java System web server contain an unspecified vulnerability that may allow an attacker to create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1174-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans \nSeptember 11th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : openssl096\nProblem-Type : local\nVulnerability : cryptographic weakness\nDebian-specific: no\nCVE ID : CVE-2006-4339\nBugTraq ID : 19849\nDebian Bug : 386247\n\nDaniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package\nthat could allow an attacker to generate a forged signature that OpenSSL\nwill accept as valid. \n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.6m-1sarge2\n\nThis package exists only for compatibility with older software, and is\nnot present in the unstable or testing branches of Debian. \n\nWe recommend that you upgrade your openssl packages. Note that services\nlinking against the openssl shared libraries will need to be restarted. \nCommon examples of such services include most Mail Transport Agents, SSH\nservers, and web servers. \n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc\n Size/MD5 checksum: 617 018a88ab90403cb04c62fb3e30b74447\n http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz\n Size/MD5 checksum: 19110 ebf3d65348f1a0e2b09543b02f1752ff\n http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz\n Size/MD5 checksum: 2184918 1b63bfdca1c37837dddde9f1623498f9\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb\n Size/MD5 checksum: 1965098 f321c9d2831643d65718730f8ff81f16\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb\n Size/MD5 checksum: 578014 b47b9fb2acd8c6e22aac6812c7ad4dda\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb\n Size/MD5 checksum: 518746 29a69a8d997445d4ae2a53c337678cc6\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb\n Size/MD5 checksum: 587368 4291ac3835b28ae9acf555ec90242d26\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb\n Size/MD5 checksum: 1755640 d9fb8d8383c96d0d4ebe4af8cb5e9a3a\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb\n Size/MD5 checksum: 814966 1a366b00181bba9bd04b2312f4ae8f42\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb\n Size/MD5 checksum: 476722 2002d9eeb9b36d329855042466c9dfc1\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb\n Size/MD5 checksum: 576764 2001e7d3f5d72e0328b8d46f83bb0b4d\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb\n Size/MD5 checksum: 568756 3b25b7c66ff42626c8f458be9485f9bb\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb\n Size/MD5 checksum: 582402 e677ab4fd68d34affff58a9c7d2cd823\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb\n Size/MD5 checksum: 602334 674b58c6811c7e60ad2bb53ec7c1bcdc\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb\n Size/MD5 checksum: 1458574 d9ab5370d48647780172587e58682297\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n\n\n\n\n\n\n\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFBZeQXm3vHE4uyloRAluzAJ4s1+vl2IB2cXZjMfyZxmydcMkkigCggOhK\nLtlmIJe5HFZS6aWhcCCZuG8=\n=C3Tf\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "49927"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 1.5
},
{
"db": "BID",
"id": "19849",
"trust": 1.3
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1017143",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22646",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "49955",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49927",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200609-0959",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333334
},
"last_update_date": "2024-08-15T09:57:09.686000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.sun.com/software/products/appsrvr/index.xml"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=438cfb75"
},
{
"trust": 0.8,
"url": "http://www.sun.com/download/products.xml?id=43a84f89"
},
{
"trust": 0.8,
"url": "http://www.mozilla.org/projects/security/pki/nss/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/ssl"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4299 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1017143 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22646 "
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m-1sarge2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/openssl096_0.9.6m.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl096/libssl0.9.6_0.9.6m-1sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.7_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.7e-3sarge2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.7e-3sarge2_arm.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#594904"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49955"
},
{
"db": "PACKETSTORM",
"id": "49927"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2006-09-13T08:51:49",
"db": "PACKETSTORM",
"id": "49955"
},
{
"date": "2006-09-13T07:37:56",
"db": "PACKETSTORM",
"id": "49927"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#594904"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
var-200712-0594
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. This issue affects the following: - The 'mod_imagemap' module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0 - The 'mod_imap' module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. =========================================================== Ubuntu Security Notice USN-575-1 February 04, 2008 apache2 vulnerabilities CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-mpm-perchild 2.0.55-4ubuntu2.3 apache2-mpm-prefork 2.0.55-4ubuntu2.3 apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10: apache2-mpm-perchild 2.0.55-4ubuntu4.2 apache2-mpm-prefork 2.0.55-4ubuntu4.2 apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04: apache2-mpm-event 2.2.3-3.2ubuntu2.1 apache2-mpm-perchild 2.2.3-3.2ubuntu2.1 apache2-mpm-prefork 2.2.3-3.2ubuntu2.1 apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.1 apache2-mpm-perchild 2.2.4-3ubuntu0.1 apache2-mpm-prefork 2.2.4-3ubuntu0.1 apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. A remote attacker could send Apache crafted date headers and cause a denial of service via application crash. By default, mod_proxy is disabled in Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available, allowed for cross-site scripting attacks. By default, mod_status is disabled in Ubuntu. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to dereference a NULL pointer. A remote attacker could send a crafted request and cause a denial of service via application crash. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)
iD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0 O/KXRt/gdgAAug5/9/aFGGA= =YkQ1 -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200712-0594",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "eq",
"trust": 2.1,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 1.1,
"vendor": "turbolinux",
"version": "11"
},
{
"model": "personal",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"model": "appliance server",
"scope": "eq",
"trust": 1.1,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "multimedia",
"scope": null,
"trust": 1.1,
"vendor": "turbolinux",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "10.2"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.10"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard l p",
"version": "11.31"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard edition version 4"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition"
},
{
"model": "cosminexus server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "web edition version 4"
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.15"
},
{
"model": "wanbooster",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux as (v.4)"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux es (v.4)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "1.0 (hosting)"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "1.0 (workgroup)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "10 (x64)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "11 (x64)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbolinux",
"version": "8"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.60"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "2.2.7-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "1.3.40-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.51"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.53"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.19"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1"
},
{
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.15"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.01"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "2.0.62-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86-64"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:nec:wanbooster",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_application_stack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Software Foundation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5000",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-5000",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2007-000819",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-5000",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2007-000819",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-135",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-5000",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Apache is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThis issue affects the following:\n- The \u0027mod_imagemap\u0027 module in Apache 2.2.6, 2.2.5, 2.2.4, 2.2.3, 2.2.2, and 2.2.0\n- The \u0027mod_imap\u0027 module in Apache 1.3.39, 1.3.37, 1.3.36, 1.3.35, 1.3.34, 1.3.33, 1.3.32, 1.3.31, 1.3.29, 1.3.28, 1.3.27, 1.3.26, 1.3.24, 1.3.22, 1.3.20, 1.3.19, 1.3.17, 1.3.14, 1.3.12, 1.3.11, 1.3.9, 1.3.6, 1.3.4, 1.3.3, 1.3.2, 1.3.1, and 1.3.0. =========================================================== \nUbuntu Security Notice USN-575-1 February 04, 2008\napache2 vulnerabilities\nCVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,\nCVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-mpm-perchild 2.0.55-4ubuntu2.3\n apache2-mpm-prefork 2.0.55-4ubuntu2.3\n apache2-mpm-worker 2.0.55-4ubuntu2.3\n\nUbuntu 6.10:\n apache2-mpm-perchild 2.0.55-4ubuntu4.2\n apache2-mpm-prefork 2.0.55-4ubuntu4.2\n apache2-mpm-worker 2.0.55-4ubuntu4.2\n\nUbuntu 7.04:\n apache2-mpm-event 2.2.3-3.2ubuntu2.1\n apache2-mpm-perchild 2.2.3-3.2ubuntu2.1\n apache2-mpm-prefork 2.2.3-3.2ubuntu2.1\n apache2-mpm-worker 2.2.3-3.2ubuntu2.1\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.1\n apache2-mpm-perchild 2.2.4-3ubuntu0.1\n apache2-mpm-prefork 2.2.4-3ubuntu0.1\n apache2-mpm-worker 2.2.4-3ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Apache did not sanitize the Expect header from\nan HTTP request when it is reflected back in an error message, which\ncould result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing server output\nduring a crafted server request, a remote attacker could exploit this\nto modify the contents, or steal confidential data (such as passwords),\nwithin the same domain. This was only vulnerable in Ubuntu 6.06. A remote\nattacker could send Apache crafted date headers and cause a denial of\nservice via application crash. By default, mod_proxy is disabled in\nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a\ncharacter set, which could result in browsers becoming vulnerable\nto cross-site scripting attacks when processing the output. By\ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available,\nallowed for cross-site scripting attacks. By default, mod_status is\ndisabled in Ubuntu. By default,\nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to\ndereference a NULL pointer. A remote attacker could send a crafted\nrequest and cause a denial of service via application crash. By\ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only\nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz\n Size/MD5: 121305 10359a467847b63f8d6603081450fece\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc\n Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb\n Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 171402 3b7567107864cf36953e7911a4851738\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 172186 85a591ea061cbc727fc261b046781502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 94240 b80027348754c493312269f7410b38fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 285664 76f4879738a0a788414316581ac2010b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 144250 3cd8327429958569a306257da57e8be0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 786052 7bdddb451607eeb2abb9706641675397\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 215932 bee4a6e00371117203647fd3a311658a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 219800 aaf4968deba24912e4981f35a367a086\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 93282 1ae6def788c74750d79055784c0d8006\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 267832 96c149638daeb993250b18c9f4285abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz\n Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc\n Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb\n Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 145340 109c93408c5197be50960cce80c23b7c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209552 8a23207211e54b138d5a87c15c097908\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 171636 07616e459905bad152a8669c8f670436\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 222022 e37ef7d710800e568d838242d3129725\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 208354 0a571678c269d1da06787dac56567f1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212052 90754ccdcd95e652413426376078d223\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz\n Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc\n Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 971426 30db1106dfea5106da54d2287c02a380\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 403974 65a11cfaee921517445cf74ed04df701\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434308 2073137bb138dc52bbace666714f4e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 343774 880faca3543426734431c29de77c3048\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz\n Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc\n Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 278032 4f8270cff0a532bd059741b366047da9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 435354 f3557e1a87154424e9144cf672110e93\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8\n\n. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFHjmhKmqjQ0CJFipgRAkyLAJ4jEFMu2rAIE8XH60UDFYapm8fGgwCfaHL0\nO/KXRt/gdgAAug5/9/aFGGA=\n=YkQ1\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.1 or earlier. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5000",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "28046",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "28073",
"trust": 2.5
},
{
"db": "BID",
"id": "26838",
"trust": 2.0
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4201",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0178",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0809",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4202",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1875",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0084",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-4301",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1224",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0398",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29988",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28081",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28471",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28375",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28526",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28750",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28607",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28525",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32800",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29806",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31142",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28196",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1019093",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "39134",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVN80057925",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-5000",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63217",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72120",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"id": "VAR-200712-0594",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2024-11-29T20:29:16.733000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 1.3.41",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.41"
},
{
"title": "Fixed in Apache httpd 2.0.63",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.63"
},
{
"title": "Fixed in Apache httpd 2.2.8",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.8"
},
{
"title": "Revision 603282",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=603282"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-en"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "httpd-2.2.3-11.3.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=94"
},
{
"title": "interstage_as_200801",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200801.html"
},
{
"title": "JVN#80057925",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-80057925.html"
},
{
"title": "HS07-042",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-042_e/index-e.html"
},
{
"title": "HPSBUX02308",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01345501"
},
{
"title": "4019245",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"title": "PK58024",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK58024"
},
{
"title": "PK65782",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK65782"
},
{
"title": "7008517",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61015"
},
{
"title": "PK63273",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026context=SSEQTJ\u0026uid=swg1PK63273\u0026loc=en_US\u0026cs=utf-8\u0026cc=US\u0026lang=all"
},
{
"title": "7005198",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27005198#60"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007033#60227"
},
{
"title": "1205",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1205"
},
{
"title": "1224",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1224"
},
{
"title": "1221",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1221"
},
{
"title": "NV07-013",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv07-013.html"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0004.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0005.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0006.html"
},
{
"title": "RHSA-2008:0007",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0007.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0008.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "233623",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"title": "TLSA-2007-56",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-56.txt"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
},
{
"title": "Debian CVElist Bug Report Logs: apache2: CVE-2007-4465",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=8a7503dd359ab44b424a9918eb8a6f66"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SecureAxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28046"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/28073"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58024"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk58074"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200801e.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/26838"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1019093"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28081"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28196"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28375"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28471"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28525"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28607"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28750"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/39134"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29806"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29988"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31142"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0178"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4202"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4301"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/4201"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0084"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0398"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1875/references"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32800"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01345501"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39002"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39001"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9539"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/4201"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/4202"
},
{
"trust": 0.8,
"url": "http://jvn.jp/en/jp/jvn80057925/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5000"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.0.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
},
{
"trust": 0.3,
"url": "http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.by3b3q..t.dhzu.1jro.hzoeej00"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/support.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3378"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4887"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"db": "BID",
"id": "26838"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "63217"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"date": "2007-12-12T00:00:00",
"db": "BID",
"id": "26838"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"date": "2008-02-05T00:41:56",
"db": "PACKETSTORM",
"id": "63262"
},
{
"date": "2008-01-17T05:57:19",
"db": "PACKETSTORM",
"id": "62720"
},
{
"date": "2010-05-27T05:11:37",
"db": "PACKETSTORM",
"id": "89987"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2008-01-17T05:56:17",
"db": "PACKETSTORM",
"id": "62719"
},
{
"date": "2008-01-17T05:59:17",
"db": "PACKETSTORM",
"id": "62721"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2008-02-04T18:22:06",
"db": "PACKETSTORM",
"id": "63217"
},
{
"date": "2008-11-20T19:21:09",
"db": "PACKETSTORM",
"id": "72120"
},
{
"date": "2007-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"date": "2007-12-13T18:46:00",
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-03-07T00:00:00",
"db": "VULMON",
"id": "CVE-2007-5000"
},
{
"date": "2015-04-13T21:15:00",
"db": "BID",
"id": "26838"
},
{
"date": "2013-07-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000819"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-135"
},
{
"date": "2024-11-21T00:36:54.707000",
"db": "NVD",
"id": "CVE-2007-5000"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting vulnerability in Apache HTTP Server \"mod_imap\" and \"mod_imagemap\"",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-135"
}
],
"trust": 1.1
}
}
var-200110-0280
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I otH/juFiPayhwdxQwX1pZwdm =e4BA -----END PGP SIGNATURE----- . OpenSSL Security Advisory [28th September 2006]
New OpenSSL releases are now available to correct four security issues.
ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)
Vulnerability
Dr. S. N. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. N. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project.
SSL_get_shared_ciphers() buffer overflow (CVE-2006-3738)
Vulnerability
A buffer overflow was discovered in the SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20060928.txt
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0280",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRbc7fOAfOvwtKn1ZEQJs6ACg9AMS2ZtEgsaZh7T9e8Q0OgyfmEQAni1I\notH/juFiPayhwdxQwX1pZwdm\n=e4BA\n-----END PGP SIGNATURE-----\n. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. S. N. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937). Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. N. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. \n\n\nSSL_get_shared_ciphers() buffer overflow (CVE-2006-3738)\n========================================================\n\nVulnerability\n-------------\n\nA buffer overflow was discovered in the SSL_get_shared_ciphers()\nutility function. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20060928.txt\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "169663"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.9
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200110-0280",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-10-23T20:48:58.429000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20247"
},
{
"db": "BID",
"id": "22083"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
var-201004-1006
Vulnerability from variot
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The vmnc.dll library lacks input checking when processing HexTile encoded video blocks. The user is tricked into opening a malformed AVI file to trigger a heap overflow, causing arbitrary code execution. Multiple VMware products are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. VMware's enterprise software, VMware ESX Server, runs directly on server hardware without requiring an additional underlying operating system". from wikipedia
II.
III. Binary Analysis & Proof-fo-concept
In-depth binary analysis of the vulnerability and a PoC have been released by VUPEN through the VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
V. CREDIT
The vulnerability was discovered by Sebastien Renaud of VUPEN Security
VII. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services/
- VUPEN Binary Analysis & Exploits Service :
http://www.vupen.com/exploits/
VIII. DISCLOSURE TIMELINE
2009-09-14 - Vendor notified 2009-09-14 - Vendor response 2009-10-09 - Status update received 2009-10-27 - Status update received 2010-01-29 - Status update received 2010-03-05 - Status update received 2010-03-31 - Status update received 2010-04-09 - Coordinated public Disclosure
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141
Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.
Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.
Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.
End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.
End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.
Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.
- Problem Description
a. Windows-based VMware Tools Unsafe Library Loading vulnerability
A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.
This vulnerability is present only on Windows Guest Operating
Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.
VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.
Steps needed to remediate this vulnerability:
Guest systems on VMware Workstation, Player, ACE, Server, Fusion
- Install the remediated version of Workstation, Player, ACE,
Server and Fusion.
- Upgrade tools in the virtual machine (virtual machine users
will be prompted to upgrade).
Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
- Install the relevant patches (see below for patch identifiers)
- Manually upgrade tools in the virtual machine (virtual machine
users will not be prompted to upgrade). Note the VI Client will
not show the VMware tools is out of date in the summary tab.
Please see http://tinyurl.com/27mpjo page 80 for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any not affected
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x any 2.5.4 build 246459 or later
ACE 2.6.x Windows not affected
ACE 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any 2.0.2 build 203138 or later
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.6 build 246742 or later
ESXi 4.0 ESXi ESXi400-201002402-BG
ESXi 3.5 ESXi ESXe350-200912401-T-BG or later
ESX 4.0 ESX ESX400-201002401-BG
ESX 3.5 ESX ESX350-200912401-BG
ESX 3.0.3 ESX ESX303-201002203-UG
ESX 2.5.5 ESX Upgrade Patch 15
b. This vulnerability is present only on Windows Guest Operating Systems.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user. On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.
Steps needed to remediate this vulnerability: See section 3.a.
VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.
Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.
c. Windows-based VMware Workstation and Player host privilege escalation
A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.
In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine. On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.
VMware would like to thank Thierry Zoller for reporting this issue
to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x any not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.0 Linux not affected
Player 2.5.x any not affected
Ace any any not affected
Server 2.x any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
d. Third party library update for libpng to version 1.2.37
The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications.
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x any 6.5.4 build 246459 or later
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x any 2.5.4 build 246459 or later
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion any any Mac OS/X not affected
ESXi any ESXi not applicable
ESX any ESX not applicable
e.
For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Movie Decoder any Windows 6.5.4 Build 246459 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.x any not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
ACE any any not affected
Server 2.x Window not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
f. VMware Remote Console format string vulnerability
VMware Remote Console (VMrc) contains a format string vulnerability.
For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.
VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.
Under the following two conditions your version of VMrc is likely
to be affected:
- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system
The following steps allow you to determine if you have an affected
version of VMrc installed:
- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
VMrc is affected
Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):
- Uninstall affected versions of VMrc from the systems where the
VMrc plug-in has been installed (use the Windows Add/Remove
Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
ESX400-200911223-UG using WebAccess on the system where the VMrc
needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess. The
Console tab is selectable after selecting a virtual machine.
Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps.
Users are advised to use the Internet Explorer VMrc plug-in.
VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.
g. Windows-based VMware authd remote denial of service
A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts. The denial of service is limited
to a crash of authd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 Windows 7.0.1 build 227600 or later
Workstation 7.0 Linux not affected
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 Windows 3.0.1 build 227600 or later
Player 3.x Linux not affected
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x Windows not being addressed at this time
Server 2.x Linux not affected
Fusion any Mac OS/X not affected
ESXi any any not affected
ESX any any not affected
h. Potential information leak via hosted networking stack
A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.
A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.
VMware would like to thank Johann MacDonagh for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.0 any 7.0.1 build 227600 or later
Workstation 6.5.x Windows 6.5.4 build 246459 or later
Workstation 6.5.x Linux not affected
Player 3.0 any 3.0.1 build 227600 or later
Player 2.5.x Windows 2.5.4 build 246459 or later
Player 2.5.x Linux not affected
Ace 2.6 Windows 2.6.1 build 227600 or later
Ace 2.5.x Windows 2.5.4 build 246459 or later
Server 2.x any not being fixed at this time
Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
i. Linux-based vmrun format string vulnerability
A format string vulnerability in vmrun could allow arbitrary code
execution.
If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.
VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
VIX API any Windows not affected
VIX API 1.6.x Linux upgrade to VIX API 1.7 or later
VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later
Workstation 7.x any not affected
Workstation 6.5.x Windows not affected
Workstation 6.5.x Linux 6.5.4 build 246459 or later
Player 3.x any not affected
Player 2.5.x Windows not affected
Player 2.5.x Linux 2.5.4 build 246459 or later
Ace any Windows not affected
Server 2.x Windows not affected
Server 2.x Linux not being fixed at this time
Fusion 3.x Mac OS/X not affected
Fusion 2.x Mac OS/X 2.0.7 build 246742 or later
ESXi any any not affected
ESX any any not affected
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation Movie Decoder stand alone 6.5.4
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29
VMware Workstation 7.0.1
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html
Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697
Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f
Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac
Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a
VMware Workstation 6.5.4
For Windows
http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8
VMware Player 3.0.1
http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html
Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf
Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a
Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df
VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9
VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6
VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d
VMware Player 2.5.4
http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html
Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5
Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d
Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7
Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72
Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22
VMware ACE 2.6.1
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html
VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206
VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984
ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5
ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798
ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f
ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d
VMware ACE 2.5.4
http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3
ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe
VMware Server 2.0.2
http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html
VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b
VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22
For Linux
VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747
VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece
The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474
VMware Fusion 3.0.2
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html
VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3
VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01
VMware Fusion 2.0.7
http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html
VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370
VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77
VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713
VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9
VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1
VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b
VIX API Version: 1.8.1 | 2009-10-11 | 207905
VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12
VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907
VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8
VIX API Version: 1.10 Beta | 01/28/10 | 222403
VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73
VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c
VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b
ESXi
ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404
ESXi 3.5
ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.
The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.
In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.
ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip
md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83
http://kb.vmware.com/kb/1015047 (Vi Client)
http://kb.vmware.com/kb/1016665 (VM Tools)
http://kb.vmware.com/kb/1017685 (Firmware)
The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
ESX
ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG
ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842
Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG
ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657
ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030
ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html
-
References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141
-
Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)
iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .
NOTE: Other products and versions may also be affected.
====================================================================== 2) Severity
Rating: Highly critical Impact: System access Where: Remote
====================================================================== 3) Vendor's Description of Software
"VMware Workstation makes it simple to create and run multiple virtual machines on your desktop or laptop computer.
The vulnerability is caused by a boundary error in vmnc.dll when processing HexTile encoded video chunks and can be exploited to cause a heap-based buffer overflow.
====================================================================== 6) Time Table
14/09/2009 - Vendor notified. 14/09/2009 - Vendor response. 09/04/2010 - Public disclosure.
====================================================================== 9) About Secunia
Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:
http://secunia.com/secunia_research/
Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:
http://secunia.com/corporate/jobs/
Secunia offers a FREE mailing list called Secunia Security Advisories:
http://secunia.com/advisories/mailing_lists/
====================================================================== 10) Verification
Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2009-36/
Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/
======================================================================
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-1006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.0.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "server",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.x"
},
{
"model": "player",
"scope": "eq",
"trust": 1.4,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "vmware",
"version": "6.5.0"
},
{
"model": "movie decoder",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 0.6,
"vendor": "vmware",
"version": "6.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "movie decoder",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "workstation",
"version": "6.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "player",
"version": "2.5.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "server",
"version": "2.0.2"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "movie decoder",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4"
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:vmware:movie_decoder",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alin Rad Pop",
"sources": [
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 0.7
},
"cve": "CVE-2009-1564",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2009-1564",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "7d740430-463f-11e9-9b95-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "4698decc-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1564",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1564",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-153",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2009-1564",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The vmnc.dll library lacks input checking when processing HexTile encoded video blocks. The user is tricked into opening a malformed AVI file to trigger a heap overflow, causing arbitrary code execution. Multiple VMware products are prone to a heap-based buffer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities) but has been assigned its own record to better document it. VMware\u0027s enterprise\nsoftware, VMware ESX Server, runs directly on server hardware\nwithout requiring an additional underlying operating system\". \nfrom wikipedia\n\n\nII. \n\n\nIII. Binary Analysis \u0026 Proof-fo-concept\n---------------------------------------\n\nIn-depth binary analysis of the vulnerability and a PoC\nhave been released by VUPEN through the VUPEN Binary Analysis\n\u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nV. CREDIT\n--------------\n\nThe vulnerability was discovered by Sebastien Renaud of VUPEN Security\n\n\nVII. ABOUT VUPEN Security\n---------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement and security intelligence solutions which enable enterprises\nand institutions to eliminate vulnerabilities before they can be exploited,\nensure security policy compliance and meaningfully measure and manage risks. \n\nGovernmental and federal agencies, and global enterprises in the financial\nservices, insurance, manufacturing and technology industries rely on VUPEN\nto improve their security, prioritize resources, cut time and costs, and\nstay ahead of the latest threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services/\n\n* VUPEN Binary Analysis \u0026 Exploits Service :\n\nhttp://www.vupen.com/exploits/\n\n\nVIII. DISCLOSURE TIMELINE\n----------------------------------- \n\n2009-09-14 - Vendor notified\n2009-09-14 - Vendor response\n2009-10-09 - Status update received\n2009-10-27 - Status update received\n2010-01-29 - Status update received\n2010-03-05 - Status update received\n2010-03-31 - Status update received\n2010-04-09 - Coordinated public Disclosure\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0007\nSynopsis: VMware hosted products, vCenter Server and ESX\n patches resolve multiple security issues\nIssue date: 2010-04-09\nUpdated on: 2010-04-09 (initial release of advisory)\nCVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n Notes:\n Effective May 2010, VMware\u0027s patch and update release program during\n Extended Support will be continued with the condition that all\n subsequent patch and update releases will be based on the latest\n baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n \"End of Product Availability FAQs\" at\n http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n details. \n\n Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan\n to upgrade to at least ESX 3.0.3 and preferably to the newest\n release available. \n\n Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan\n to upgrade to at least ESX 3.5 and preferably to the newest release\n available. \n\n End of General Support for VMware Workstation 6.x is 2011-04-27,\n users should plan to upgrade to the newest release available. \n\n End of General Support for VMware Server 2.0 is 2011-06-30, users\n should plan to upgrade to the newest release of either ESXi or\n VMware Player. \n\n Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n A vulnerability in the way VMware libraries are referenced allows\n for arbitrary code execution in the context of the logged on user. \n This vulnerability is present only on Windows Guest Operating\n Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to lure the user that is logged on a Windows Guest\n Operating System to click on the attacker\u0027s file on a network\n share. This file could be in any file format. The attacker will\n need to have the ability to host their malicious files on a\n network share. \n\n VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n Security (http://www.acrossecurity.com) for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1141 to this issue. \n\n Steps needed to remediate this vulnerability:\n\n Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n - Install the remediated version of Workstation, Player, ACE,\n Server and Fusion. \n - Upgrade tools in the virtual machine (virtual machine users\n will be prompted to upgrade). \n\n Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n - Install the relevant patches (see below for patch identifiers)\n - Manually upgrade tools in the virtual machine (virtual machine\n users will not be prompted to upgrade). Note the VI Client will\n not show the VMware tools is out of date in the summary tab. \n Please see http://tinyurl.com/27mpjo page 80 for details. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. See above for remediation\n details. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any not affected\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x any 2.5.4 build 246459 or later\n\n ACE 2.6.x Windows not affected\n ACE 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any 2.0.2 build 203138 or later\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.6 build 246742 or later\n\n ESXi 4.0 ESXi ESXi400-201002402-BG\n ESXi 3.5 ESXi ESXe350-200912401-T-BG or later\n\n ESX 4.0 ESX ESX400-201002401-BG\n ESX 3.5 ESX ESX350-200912401-BG\n ESX 3.0.3 ESX ESX303-201002203-UG\n ESX 2.5.5 ESX Upgrade Patch 15\n\n b. This\n vulnerability is present only on Windows Guest Operating Systems. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the Virtual Machine of the user. On most\n recent versions of Windows (XP, Vista) the attacker would need to\n have administrator privileges to plant the malicious executable in\n the right location. \n\n Steps needed to remediate this vulnerability: See section 3.a. \n\n VMware would like to thank Mitja Kolsek of ACROS Security\n (http://www.acrossecurity.com) for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1142 to this issue. \n\n Refer to the previous table in section 3.a for what action\n remediates the vulnerability (column 4) if a solution is\n available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n escalation\n\n A vulnerability in the USB service allows for a privilege\n escalation. A local attacker on the host of a Windows-based\n Operating System where VMware Workstation or VMware Player\n is installed could plant a malicious executable on the host and\n elevate their privileges. \n\n In order for an attacker to exploit the vulnerability, the attacker\n would need to be able to plant their malicious executable in a\n certain location on the host machine. On most recent versions of\n Windows (XP, Vista) the attacker would need to have administrator\n privileges to plant the malicious executable in the right location. \n\n VMware would like to thank Thierry Zoller for reporting this issue\n to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-1140 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x any not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.0 Linux not affected\n Player 2.5.x any not affected\n\n Ace any any not affected\n\n Server 2.x any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n The libpng libraries through 1.2.35 contain an uninitialized-\n memory-read bug that may have security implications. \n Specifically, 1-bit (2-color) interlaced images whose widths are\n not divisible by 8 may result in several uninitialized bits at the\n end of certain rows in certain interlace passes being returned to\n the user. An application that failed to mask these out-of-bounds\n pixels might display or process them, albeit presumably with benign\n results in most cases. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2042 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not applicable\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x any 6.5.4 build 246459 or later\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x any 2.5.4 build 246459 or later\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion any any Mac OS/X not affected\n\n ESXi any ESXi not applicable\n\n ESX any ESX not applicable\n\n e. \n\n For an attack to be successful the user must be tricked into\n visiting a malicious web page or opening a malicious video file on\n a system that has the vulnerable version of the VMnc codec installed. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n issues. \n\n VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n of Secunia Research for reporting these issues to us. \n\n To remediate the above issues either install the stand alone movie\n decoder or update your product using the table below. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Movie Decoder any Windows 6.5.4 Build 246459 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.x any not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n ACE any any not affected\n\n Server 2.x Window not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\nf. VMware Remote Console format string vulnerability\n\n VMware Remote Console (VMrc) contains a format string vulnerability. \n\n For an attack to be successful, an attacker would need to trick the\n VMrc user into opening a malicious Web page or following a malicious\n URL. Code execution would be at the privilege level of the user. \n\n VMrc is present on a system if the VMrc browser plug-in has been\n installed. This plug-in is required when using the console feature in\n WebAccess. Installation of the plug-in follows after visiting the\n console tab in WebAccess and choosing \"Install plug-in\". The plug-\n in can only be installed on Internet Explorer and Firefox. \n\n Under the following two conditions your version of VMrc is likely\n to be affected:\n\n - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n without patch ESX400-200911223-UG and\n - VMrc is installed on a Windows-based system\n\n The following steps allow you to determine if you have an affected\n version of VMrc installed:\n\n - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n system\n - Right click and go to Properties\n - Go to the tab \"Versions\"\n - Click \"File Version\" in the \"Item Name\" window\n - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n VMrc is affected\n\n Remediation of this issue on Windows-based systems requires the\n following steps (Linux-based systems are not affected):\n\n - Uninstall affected versions of VMrc from the systems where the\n VMrc plug-in has been installed (use the Windows Add/Remove\n Programs interface)\n - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n ESX400-200911223-UG\n - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n ESX400-200911223-UG using WebAccess on the system where the VMrc\n needs to be re-installed\n - Re-install VMrc by going to the console tab in WebAccess. The\n Console tab is selectable after selecting a virtual machine. \n\n Note: the VMrc plug-in for Firefox on Windows-based operating\n systems is no longer compatible after the above remediation steps. \n Users are advised to use the Internet Explorer VMrc plug-in. \n\n VMware would like to thank Alexey Sintsov from Digital Security\n Research Group for reporting this issue to us. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n A vulnerability in vmware-authd could cause a denial of service\n condition on Windows-based hosts. The denial of service is limited\n to a crash of authd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3707 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 Windows 7.0.1 build 227600 or later\n Workstation 7.0 Linux not affected\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 Windows 3.0.1 build 227600 or later\n Player 3.x Linux not affected\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x Windows not being addressed at this time\n Server 2.x Linux not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any any not affected\n\n ESX any any not affected\n\n h. Potential information leak via hosted networking stack\n\n A vulnerability in the virtual networking stack of VMware hosted\n products could allow host information disclosure. \n\n A guest operating system could send memory from the host vmware-vmx\n process to the virtual network adapter and potentially to the\n host\u0027s physical Ethernet wire. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1138 to this issue. \n\n VMware would like to thank Johann MacDonagh for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.0 any 7.0.1 build 227600 or later\n Workstation 6.5.x Windows 6.5.4 build 246459 or later\n Workstation 6.5.x Linux not affected\n\n Player 3.0 any 3.0.1 build 227600 or later\n Player 2.5.x Windows 2.5.4 build 246459 or later\n Player 2.5.x Linux not affected\n\n Ace 2.6 Windows 2.6.1 build 227600 or later\n Ace 2.5.x Windows 2.5.4 build 246459 or later\n\n Server 2.x any not being fixed at this time\n\n Fusion 3.0 Mac OS/X 3.0.1 build 232708 or later\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n i. Linux-based vmrun format string vulnerability\n\n A format string vulnerability in vmrun could allow arbitrary code\n execution. \n\n If a vmrun command is issued and processes are listed, code could\n be executed in the context of the user listing the processes. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2010-1139 to this issue. \n\n VMware would like to thank Thomas Toth-Steiner for reporting this\n issue to us. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n VIX API any Windows not affected\n VIX API 1.6.x Linux upgrade to VIX API 1.7 or later\n VIX API 1.6.x Linux64 upgrade to VIX API 1.7 or later\n\n Workstation 7.x any not affected\n Workstation 6.5.x Windows not affected\n Workstation 6.5.x Linux 6.5.4 build 246459 or later\n\n Player 3.x any not affected\n Player 2.5.x Windows not affected\n Player 2.5.x Linux 2.5.4 build 246459 or later\n\n Ace any Windows not affected\n\n Server 2.x Windows not affected\n Server 2.x Linux not being fixed at this time\n\n Fusion 3.x Mac OS/X not affected\n Fusion 2.x Mac OS/X 2.0.7 build 246742 or later\n\n ESXi any any not affected\n\n ESX any any not affected\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation Movie Decoder stand alone 6.5.4\n --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n md5sum: ea2ac5907ae4c5c323147fe155443ab8\n sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n VMware Workstation 7.0.1\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n Release notes:\n http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n Workstation for Linux 32-bit with VMware Tools\n md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n Workstation for Linux 32-bit without VMware Tools\n md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n Workstation for Linux 64-bit with VMware Tools\n md5sum: 808682eaa6b202fa29172821f7378768\n sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n Workstation for Linux 64-bit without VMware Tools\n md5sum: 5116e27e7b13a76693402577bd9fda58\n sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n VMware Workstation 6.5.4\n ------------------------\n For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n For Linux\n http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n Release Notes:\n http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 9efb43a604d50e541eb3be7081b8b198\n sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: ed24296705ad48442549d9cb2b3c0d8d\n sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n VMware Player 3.0.1\n -------------------\n http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n Player for Windows 32-bit and 64-bit\n md5sum: 78c92c0242c9540f68a629d4ac49c516\n sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n Player for Linux 32-bit (.bundle)\n md5sum: e7cd19d39c7bbd1aee582743d76a7863\n sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n Player for Linux 64-bit (.bundle)\n md5sum: 88b08537c6eea705883dc1755b97738c\n sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n VMware VIX API for Windows 32-bit and 64-bit\n md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n VMware VIX API for 32-bit Linux\n md5sum: 8b0994a26363246b5e954f97bd5a088d\n sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n VMware VIX API for 64-bit Linux\n md5sum: ef7b9890c52b1e333f2357760a7fff85\n sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n VMware Player 2.5.4\n -------------------\n http://downloads.vmware.com/download/player/player_reg.html\n Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n Player for Windows 32-bit and 64-bit (.exe)\n md5sum: 531140a1eeed7d8b71f726b3d32a9174\n sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n Player for Linux (.rpm)\n md5sum: 1905f61af490f9760bef54450747e708\n sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n Player for Linux (.bundle)\n md5sum: 74f539005687a4efce7971f7ef019af5\n sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n Player for Linux - 64-bit (.rpm)\n md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n Player for Linux - 64-bit (.bundle)\n md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n VMware ACE 2.6.1\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n Release notes:\n http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n VMware Workstation for 32-bit and 64-bit Windows with tools\n md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n VMware Workstation for Windows 32-bit and 64-bit without tools\n md5sum: 6a18ea3847cb727b03f7890f5643db79\n sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n ACE Management Server Virtual Appliance\n md5sum: e26d258c511572064e99774fbac9184c\n sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n ACE Management Server for Windows\n md5sum: e970828f2a5a62ac108879033a70f4b6\n sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n ACE Management Server for SUSE Enterprise Linux 9\n md5sum: 59b3ad5964daef2844e72fd1765590fc\n sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n ACE Management Server for Red Hat Enterprise Linux 4\n md5sum: 6623f6a8a645402a1c8c351ec99a1889\n sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n VMware ACE 2.5.4\n ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n Release notes:\n http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 2dc393fcc4e78dcf2165098a4938699a\n sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n VMware Server 2.0.2\n -------------------\n http://www.vmware.com/download/server/\n Release notes:\n http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n VMware Server 2\n Version 2.0.2 | 203138 - 10/26/09\n 507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n master installer file containing all Windows components of VMware\n Server. \n md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n VIX API 1.6 for Windows\n Version 2.0.2 | 203138 - 10/26/09\n 37 MB image\n md5sum: 827e65e70803ec65ade62dd27a74407a\n sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n For Linux\n\n VMware Server 2 for Linux Operating Systems. \n Version 2.0.2 | 203138 - 10/26/09\n 37 MB TAR image\n md5sum: 95ddea5a0579a35887bd15b083ffea20\n sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n VMware Server 2 for Linux Operating Systems 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 452 MB RPM image\n md5sum: 35c8b176601133749e4055e0034f8be6\n sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n The core application needed to run VMware Server 2, 64-bit version. \n Version 2.0.2 | 203138 - 10/26/09\n 451 MB TAR image\n md5sum: cc7aef813008eeb7150c21547d431b39\n sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n VMware Fusion 3.0.2\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n VMware Fusion 3.0.2 (for Intel-based Macs)\n md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n VMware Fusion 2.0.7\n -------------------\n http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n VMware Fusion 2.0.7 (for Intel-based Macs)\n md5sum: a293f5ce6ccc227760640753386e9da6\n sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n VMware Fusion 2.0.7 Light (for Intel-based Macs)\n md5sum: d4772d118fb90323f598849e70c21189\n sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n ----------------------------------------------\n VIX API for Window 32-bit and 64-bit\n Main installation file for Windows 32-bit and 64-bit host\n md5sum:b494fc3092f07d0f29cc06a19fe61306\n sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n VIX API for Linux 32-bit\n md5sum:6b0ed8872d8b714363cddc68b6a77008\n sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n VIX API for Linux 64-bit\n md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n VIX API Version: 1.8.1 | 2009-10-11 | 207905\n ---------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:4f21e4cb518767bc08045f5a39f5d41f\n sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n VIX API for Linux 32-bit\n md5sum:f347e94d907c26754540d59956ee5d53\n sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n VIX API for Linux 64-bit\n md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n VIX API Version: 1.10 Beta | 01/28/10 | 222403\n ----------------------------------------------\n VIX API for Windows 32-bit and 64-bit\n md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n VIX API for Linux 32-bit\n md5sum:07d1989d042e317eb9d2b3daf269dda7\n sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n VIX API for Linux 64-bit\n md5sum:9b345008e0adec3c044988307294944b\n sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n ESXi\n ----\n ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n md5sum: e5aa2968d389594abdc59cbac7b0183d\n sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n http://kb.vmware.com/kb/1018404\n\n ESXi 3.5\n --------\n ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n ESXe350-200912401-O-BG from December 2009. \n\n The same patch, ESXe350-200912402-T-BG, is also contained in\n ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n included in ESXe350-201003401-O-BG from March 2010. \n\n\n ESXe350-201002401-O-SG (latest security update)\n http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n http://kb.vmware.com/kb/1015047 (Vi Client)\n\n http://kb.vmware.com/kb/1016665 (VM Tools)\n\n http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n ESX\n ---\n ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the bundle with the security fix,\n ESX400-201002401-BG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n md5sum: 99c1fcafbf0ca105ce73840d686e9914\n sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n http://kb.vmware.com/kb/1014842\n\n Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n ESX400-200911223-UG\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n ESX 3.5 patch ESX350-200912401-BG\n http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n md5sum: f1d3589745b4ae933554785aef22bacc\n sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n http://kb.vmware.com/kb/1016657\n\n ESX 3.0.3 patch ESX303-201002203-UG\n http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n md5sum: 49ee56b687707cbe6999836c315f081a\n http://kb.vmware.com/kb/1018030\n\n ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n md5sum: c346fe510b6e51145570e03083f77357\n sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n http://www.acrossecurity.com/advisories.htm\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09 VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nNOTE: Other products and versions may also be affected. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System access\nWhere: Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"VMware Workstation makes it simple to create and run multiple virtual\nmachines on your desktop or laptop computer. \n\nThe vulnerability is caused by a boundary error in vmnc.dll when \nprocessing HexTile encoded video chunks and can be exploited to cause\na heap-based buffer overflow. \n\n====================================================================== \n6) Time Table \n\n14/09/2009 - Vendor notified. \n14/09/2009 - Vendor response. \n09/04/2010 - Public disclosure. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2009-36/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1564"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1564",
"trust": 4.1
},
{
"db": "SECUNIA",
"id": "39206",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "39215",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "36712",
"trust": 2.5
},
{
"db": "BID",
"id": "39363",
"trust": 2.2
},
{
"db": "OSVDB",
"id": "63614",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1023838",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0565",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0852",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788\u203b14789",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14788",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D740430-463F-11E9-9B95-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "4698DECC-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2009-1564",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88301",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88217",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"id": "VAR-201004-1006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
}
],
"trust": 0.1
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
}
]
},
"last_update_date": "2024-11-29T20:00:11.584000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2010-0007",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/164"
},
{
"title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39206"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36712"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/39215"
},
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/39363"
},
{
"trust": 1.9,
"url": "http://osvdb.org/63614"
},
{
"trust": 1.9,
"url": "http://www.securitytracker.com/id?1023838"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"trust": 1.4,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
},
{
"trust": 0.9,
"url": "http://www.vupen.com/english/advisories/2010/0852"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1564"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.3,
"url": "/archive/1/510643"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
},
{
"trust": 0.2,
"url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
},
{
"trust": 0.2,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
},
{
"trust": 0.2,
"url": "http://downloads.vmware.com/download/player/player_reg.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits/"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1015047"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016665"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018404"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1016657"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1017685"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018030"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://www.vupen.com)"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/27mpjo"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com)"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1014842"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
},
{
"trust": 0.1,
"url": "http://www.acrossecurity.com/advisories.htm"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_research/"
},
{
"trust": 0.1,
"url": "http://secunia.com/corporate/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/mailing_lists/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/products/ws/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"db": "BID",
"id": "39363"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"db": "PACKETSTORM",
"id": "88301"
},
{
"db": "PACKETSTORM",
"id": "88215"
},
{
"db": "PACKETSTORM",
"id": "88217"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-12T00:00:00",
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"date": "2010-04-12T00:00:00",
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"date": "2010-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"date": "2010-04-09T00:00:00",
"db": "BID",
"id": "39363"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"date": "2010-04-13T00:49:25",
"db": "PACKETSTORM",
"id": "88301"
},
{
"date": "2010-04-10T03:16:16",
"db": "PACKETSTORM",
"id": "88215"
},
{
"date": "2010-04-10T03:24:02",
"db": "PACKETSTORM",
"id": "88217"
},
{
"date": "2010-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"date": "2010-04-12T18:30:00.350000",
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"date": "2010-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1564"
},
{
"date": "2010-04-12T20:13:00",
"db": "BID",
"id": "39363"
},
{
"date": "2010-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001369"
},
{
"date": "2010-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-153"
},
{
"date": "2024-11-21T01:02:47.313000",
"db": "NVD",
"id": "CVE-2009-1564"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMware VMnc Codec HexTile Coded Video Block Parsing Heap Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0565"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "7d740430-463f-11e9-9b95-000c29342cb1"
},
{
"db": "IVD",
"id": "4698decc-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-153"
}
],
"trust": 1.0
}
}
var-200609-1247
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1247",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 5.04
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1247",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-09-02T20:28:14.200000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200609-1335
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. (CVE-2006-4343)
Updated packages are patched to address these issues.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20060928.txt . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1335",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerabilities could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20060928.txt\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "64684"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1335",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-09-28T20:30:56.164000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0211
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00967144 Version: 1
HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-04-12 Last Updated: 2007-04-12
Potential Security Impact: Remote unauthenticated arbitrary code execution or Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified on the Secure Sockets Layer (SSL) and BIND running on the HP Tru64 UNIX Operating System that may allow a remote attacker to execute arbitrary code or cause a Denial of Service (DoS).
References: VU#547300, VU#386964, CAN-2006-4339, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 (SSL) VU#697164, VU#915404, CVE-2007-0493, CVE-2007-0494 (BIND)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.
HISTORY Version:1 (rev.1) - 12 April 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRiUNQ+AfOvwtKn1ZEQLdQgCdEpF7dyJMCx0S6FBh8zEs/1hrKIcAnjB3 gP3DWRATNULxgPyX4sSP1HEm =/EIA -----END PGP SIGNATURE----- . rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172 http://www.mandriva.com/security/
Package : openssl Date : September 28, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). (CVE-2006-4343)
Updated packages are patched to address these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. OpenSSL Security Advisory [28th September 2006]
New OpenSSL releases are now available to correct four security issues.
ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)
Vulnerability
Dr. S. N. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. N. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL.
References
URL for this Security Advisory: https://www.openssl.org/news/secadv_20060928.txt
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0211",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00967144\nVersion: 1\n\nHPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-04-12\nLast Updated: 2007-04-12\n\nPotential Security Impact: Remote unauthenticated arbitrary code execution or Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified on the Secure Sockets Layer (SSL) and BIND running on the HP Tru64 UNIX Operating System that may allow a remote attacker to execute arbitrary code or cause a Denial of Service (DoS). \n\nReferences: VU#547300, VU#386964, CAN-2006-4339, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 (SSL) \nVU#697164, VU#915404, CVE-2007-0493, CVE-2007-0494 (BIND) \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n\nHISTORY \nVersion:1 (rev.1) - 12 April 2007 Initial release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRiUNQ+AfOvwtKn1ZEQLdQgCdEpF7dyJMCx0S6FBh8zEs/1hrKIcAnjB3\ngP3DWRATNULxgPyX4sSP1HEm\n=/EIA\n-----END PGP SIGNATURE-----\n. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : September 28, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). (CVE-2006-4343)\n\n Updated packages are patched to address these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. S. N. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937). (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. N. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20060928.txt\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
}
],
"trust": 5.31
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0211",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-10-25T20:10:19.581000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200609-1196
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 0.9.8d >= 0.9.8d *>= 0.9.7l
Description
Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key. Finally a malicious server could crash a SSLv2 client through the SSLv2 vulnerability.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1196",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. Henson of the OpenSSL core team and Open Network Security is credited with the discovery of this vulnerability. He created the test suite that uncovered this issue.",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl \u003c 0.9.8d \u003e= 0.9.8d\n *\u003e= 0.9.7l\n\nDescription\n===========\n\nTavis Ormandy and Will Drewry, both of the Google Security Team,\ndiscovered that the SSL_get_shared_ciphers() function contains a buffer\noverflow vulnerability, and that the SSLv2 client code contains a flaw\nleading to a crash. Additionally Dr. Stephen N. Henson found that the\nASN.1 handler contains two Denial of Service vulnerabilities: while\nparsing an invalid ASN.1 structure and while handling certain types of\npublic key. Finally a\nmalicious server could crash a SSLv2 client through the SSLv2\nvulnerability. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 5.22
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1196",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-09-05T21:02:07.833000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
}
}
var-200706-0660
Vulnerability from variot
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. The Apache mod_cache module is prone to a denial-of-service vulnerability. A remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. The update is available on https://www.hp.com/go/softwaredepot/ Note: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0660",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.3.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.9"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.9"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.8"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.7"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.6"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.3"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "fedora core7",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.021"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.017"
},
{
"model": "emmc",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.32"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.28"
},
{
"model": "a9",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.0"
},
{
"model": "2.2.5-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24649"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Niklas Edmundsson",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
}
],
"trust": 0.6
},
"cve": "CVE-2007-1863",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2007-1863",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-25225",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-1863",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-1863",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-496",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-25225",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value. The Apache mod_cache module is prone to a denial-of-service vulnerability. \nA remote attacker may be able to exploit this issue to crash the child process. This could lead to denial-of-service conditions if the server is using a multithreaded Multi-Processing Module (MPM). This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \nThe update is available on https://www.hp.com/go/softwaredepot/ \nNote: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1863"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-1863",
"trust": 3.4
},
{
"db": "BID",
"id": "24649",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25873",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37079",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018303",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-150A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-87746",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-25225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"id": "VAR-200706-0660",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
}
],
"trust": 0.26519225
},
"last_update_date": "2024-11-29T19:43:52.747000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01178795"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02262.html"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "PK49355",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "httpd (V3.0,V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1073"
},
{
"title": "apache (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1078"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0534.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0556.html"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-41.txt"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0533J.html"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0534J.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0556J.html"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-41j.txt"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/24649"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk49355"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 2.0,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0533.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0534.html"
},
{
"trust": 2.0,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 2.0,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018303"
},
{
"trust": 1.7,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25873"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37079"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.7,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:141"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.7,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.7,
"url": "https://issues.rpath.com/browse/rpl-1500"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9824"
},
{
"trust": 1.6,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=535617"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-150a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-150a/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1863"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-150a.html"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs."
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.3,
"url": "/archive/1/481830"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-327.htm"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://svn.apache.org/viewvc?view=rev\u0026amp;revision=535617"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25225"
},
{
"db": "BID",
"id": "24649"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-27T00:00:00",
"db": "VULHUB",
"id": "VHN-25225"
},
{
"date": "2007-06-26T00:00:00",
"db": "BID",
"id": "24649"
},
{
"date": "2007-07-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"date": "2007-07-07T04:30:58",
"db": "PACKETSTORM",
"id": "57506"
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505"
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939"
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667"
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"date": "2007-06-27T17:30:00",
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-25225"
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24649"
},
{
"date": "2009-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000506"
},
{
"date": "2023-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-496"
},
{
"date": "2024-11-21T00:29:20.153000",
"db": "NVD",
"id": "CVE-2007-1863"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of mod_cache In module null The problem of caching values that are",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000506"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-496"
}
],
"trust": 0.6
}
}
var-200110-0185
Vulnerability from variot
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may allow an attacker to forge RSA signatures. RSA The signature is used to prove that the message origin can be trusted. RSA There is a vulnerability in multiple software that implements that the signature is not verified correctly. For example, SSH , SSL , PGP , X.509 May affect the software.By a remote third party RSA The signature may be forged. This may prevent the validity of the signed message. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. =========================================================== Ubuntu Security Notice USN-339-1 September 05, 2006 openssl vulnerability CVE-2006-4339 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.04: libssl0.9.7 0.9.7e-3ubuntu0.3
Ubuntu 5.10: libssl0.9.7 0.9.7g-1ubuntu1.2
Ubuntu 6.06 LTS: libssl0.9.8 0.9.8a-7ubuntu0.1
After a standard system upgrade you need to reboot your computer to effect the necessary changes.
Details follow:
Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs).
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.diff.gz
Size/MD5: 29738 8ff4b43003645c9cc0340b7aeaa0e943
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.dsc
Size/MD5: 645 f1d90d6945db3f52eb9e523cd2257cb3
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e.orig.tar.gz
Size/MD5: 3043231 a8777164bca38d84e5eb2b1535223474
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_amd64.udeb
Size/MD5: 495170 6ecb42d8f16500657a823c246d90f721
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_amd64.deb
Size/MD5: 2693394 8554202ca8540221956438754ce83daa
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_amd64.deb
Size/MD5: 769732 1924597de3a34f244d50812ce47e839f
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_amd64.deb
Size/MD5: 903646 0da1a7985ac40c27bffd43effcdeb306
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_i386.udeb
Size/MD5: 433284 3701e85ed202bc56684583e5cdcee090
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_i386.deb
Size/MD5: 2492646 bbb95c47fede95c469d7fdef9faeedcf
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_i386.deb
Size/MD5: 2241170 8f890db2ab8675adccb3e5f9e9129c97
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_i386.deb
Size/MD5: 901102 f43171afd1211d5026a0241abbce7710
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_powerpc.udeb
Size/MD5: 499392 6c4844845826d244a5062664d725d7f4
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_powerpc.deb
Size/MD5: 2774414 f275ee27e93d2ddbdf7af62837512b4a
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_powerpc.deb
Size/MD5: 779388 29c64dab8447a8a79c2b82e6aad0c900
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_powerpc.deb
Size/MD5: 908166 34dc1579ba2d5543f841ca917c1f7f35
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2.diff.gz
Size/MD5: 30435 9ad78dd2d10b6a32b2efa84aeedc1b28
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2.dsc
Size/MD5: 657 1d871efaeb3b5bafccb17ec8787ae57c
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g.orig.tar.gz
Size/MD5: 3132217 991615f73338a571b6a1be7d74906934
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_amd64.udeb
Size/MD5: 498836 bd128f07f8f4ff96c7a4ec0cd01a5a24
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_amd64.deb
Size/MD5: 2699482 cdefd160fc10ae893743cff5bf872463
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_amd64.deb
Size/MD5: 773202 41180b2c148cbee6a514ca07d9d8038c
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_amd64.deb
Size/MD5: 913254 4d7d2b9debbe46c070628174e4359281
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_i386.udeb
Size/MD5: 430730 904e4e96ab1f84715cdf0db8bd34b5c5
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_i386.deb
Size/MD5: 2479858 e18443ee7bd4bacf1b2b9e1b64c9733e
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_i386.deb
Size/MD5: 2203354 799110bb4e00931d801208e97316c2a5
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_i386.deb
Size/MD5: 904410 d19a02f94c4e321112ba4cc4091ae398
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_powerpc.udeb
Size/MD5: 476320 0e8146d671c590e6cfb260da7e7bd94e
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_powerpc.deb
Size/MD5: 2656084 4f5799481d8abb40bc7e5ff712349b33
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_powerpc.deb
Size/MD5: 752756 24177008d7989591e7a10ce33e4f15e4
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_powerpc.deb
Size/MD5: 910052 ea5f2afb2b1e05913668d04cb14f4d5a
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_sparc.udeb
Size/MD5: 452112 7287ea7ed03e385eedc38be06052e554
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_sparc.deb
Size/MD5: 2569762 159afe6386461da5a10d58594604f923
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_sparc.deb
Size/MD5: 1791288 d30b69f5e3d3b4b3ca6c889577d4c30a
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_sparc.deb
Size/MD5: 918074 81e40476e7153055043ee7ae07ab9b15
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1.diff.gz
Size/MD5: 35264 b4ff10d076548a137e80df0ea6133cf6
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1.dsc
Size/MD5: 816 1748b5fba8b23850f0a35186e8d80b0b
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a.orig.tar.gz
Size/MD5: 3271435 1d16c727c10185e4d694f87f5e424ee1
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_amd64.udeb
Size/MD5: 571346 32560c34d375896443908ad44ef37724
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_amd64.deb
Size/MD5: 2166016 7478ed6526daef015f02e53ecd29c794
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_amd64.deb
Size/MD5: 1681264 f38fa12908776cad70e4f03f5d82ec52
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_amd64.deb
Size/MD5: 873938 905d85741bd0f71d997b0ad1da0af1c1
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_amd64.deb
Size/MD5: 984054 0b7663affd06815eda8f814ce98eddf1
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_i386.udeb
Size/MD5: 508988 17028f0a0751e40a77199e0727503726
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_i386.deb
Size/MD5: 2022304 daa0e6b56441e0b2fa71e14de831dc41
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_i386.deb
Size/MD5: 5046624 d14ffd5dccbba81c666d149b9b80affb
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_i386.deb
Size/MD5: 2591760 9581e906f3ba5da9983514eca0d10d82
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_i386.deb
Size/MD5: 975476 840ba1e9f244516df5cf9e5f48667879
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_powerpc.udeb
Size/MD5: 557516 0ea8220e55677599c9867d9104bee981
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_powerpc.deb
Size/MD5: 2179304 8356a41ecc095a3a4ec4163f39374bda
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_powerpc.deb
Size/MD5: 1725322 7a60fe2ec5537c970d80cf5e48db1ebd
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_powerpc.deb
Size/MD5: 860294 6ba3aadd9a9f930e5c893165bc61ae93
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_powerpc.deb
Size/MD5: 979370 db3041b4dab69fe48bf2d34d572f4c36
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_sparc.udeb
Size/MD5: 530316 67e7789eaa5ca6b1edf6408edc7c0835
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_sparc.deb
Size/MD5: 2091014 a250f9740992c202cd088a0824ceb07a
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_sparc.deb
Size/MD5: 3939674 4007aa0e07366b2ac9c090409ef22e7b
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_sparc.deb
Size/MD5: 2089320 672bd1ace848bdb20496ff9ff66a8873
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_sparc.deb
Size/MD5: 987236 ecacd01dc72995f246531c25e783a879
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200609-05
http://security.gentoo.org/
Severity: Normal Title: OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery Date: September 07, 2006 Bugs: #146375, #146438 ID: 200609-05
Synopsis
OpenSSL fails to properly validate PKCS #1 v1.5 signatures.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. The x86 emulation base libraries for AMD64 contain a vulnerable version of OpenSSL.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 openssl < 0.9.7k >= 0.9.7k 2 emul-x86-linux-baselibs < 2.5.2 >= 2.5.2 ------------------------------------------------------------------- # Package 2 [app-emulation/emul-x86-linux-baselibs] only applies to AMD64 users.
NOTE: Any packages listed without architecture tags apply to all
architectures...
-------------------------------------------------------------------
2 affected packages
-------------------------------------------------------------------
Description
Daniel Bleichenbacher discovered that it might be possible to forge signatures signed by RSA keys with the exponent of 3.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7k"
All AMD64 x86 emulation base libraries users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/emul-x86-linux-baselibs-2.5.2"
References
[ 1 ] CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200609-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0185",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openssl",
"scope": "lte",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "200x security options v2.0l10"
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "security options v5.3l13"
},
{
"model": "openoffice.org",
"scope": "eq",
"trust": 0.8,
"vendor": "openoffice",
"version": "2"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f80"
},
{
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 8 and earlier"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_12 and earlier"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "one application server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7"
},
{
"model": "interscan gateway security appliance",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.8,
"vendor": "bea",
"version": "9.2"
},
{
"model": "weblogic express",
"scope": "eq",
"trust": 0.8,
"vendor": "bea",
"version": "9.1"
},
{
"model": "ip8800/700 series",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "weblogic server",
"scope": "lte",
"trust": 0.8,
"vendor": "bea",
"version": "8.1 sp 6 and earlier"
},
{
"model": "pki server /carassuit verification server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver1.1"
},
{
"model": "secureware/pki application development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver2.0 ssl option"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.3.1_19 and earlier"
},
{
"model": "mucho series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "mucho-ev/pk"
},
{
"model": "j2se",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.0.3_03 and earlier"
},
{
"model": "one application server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "platform edition 8.1 2005 q1"
},
{
"model": "java enterprise system",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2005q1 2005q4"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "weblogic express",
"scope": "lte",
"trust": 0.8,
"vendor": "bea",
"version": "8.1 sp 6 and earlier"
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "sdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.4.2_12 and earlier"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "secureware/ electronic signature development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver1.0 ssl option (linux edition )"
},
{
"model": "weblogic express",
"scope": "eq",
"trust": 0.8,
"vendor": "bea",
"version": "9.0"
},
{
"model": "trendmicro interscan viruswall",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "tectia client",
"scope": "lte",
"trust": 0.8,
"vendor": "ssh security",
"version": "5.1.0 and earlier"
},
{
"model": "enterprisedirectoryserver",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "all versions"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.8,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.1 sp6 and earlier"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "java system application server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "enterprise edition 8.1 2005 q1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1 and earlier"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f100"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.8"
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "secureware/ security pack",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7j and earlier"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "3.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f40 ( pki only if the option is applied)"
},
{
"model": "trendmicro interscan web security suite",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.8"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f1000"
},
{
"model": "weblogic server",
"scope": "eq",
"trust": 0.8,
"vendor": "bea",
"version": "9.0"
},
{
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "tectia server",
"scope": "lte",
"trust": 0.8,
"vendor": "ssh security",
"version": "5.1.0 and earlier"
},
{
"model": "cosminexus server - web edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "interscan messaging security suite",
"scope": null,
"trust": 0.8,
"vendor": "trend micro",
"version": null
},
{
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "swimradius",
"scope": null,
"trust": 0.8,
"vendor": "allied telesis",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "weblogic server",
"scope": "lte",
"trust": 0.8,
"vendor": "bea",
"version": "7.0 sp 7 and earlier"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1 and earlier"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "200x security options v2.0l30"
},
{
"model": "switch for windows",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.1.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "switch",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.2.4 and earlier"
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "200x security options v1.0l10"
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "200x security options v2.0l20"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "fujitsu",
"version": "security options v5.3l11"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "java system web proxy server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "4.0 sp3 and earlier"
},
{
"model": "java system application server",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7 2004q2"
},
{
"model": "serverprotect",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "for linux"
},
{
"model": "fitelnet-f series",
"scope": "eq",
"trust": 0.8,
"vendor": "furukawa electric",
"version": "fitelnet-f120"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "pki server /carassuit verification server",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "ver1.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.10"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "weblogic express",
"scope": "eq",
"trust": 0.8,
"vendor": "bea",
"version": "9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.3.9"
},
{
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar415s"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "weblogic express",
"scope": "lte",
"trust": 0.8,
"vendor": "bea",
"version": "7.0 sp 7 and earlier"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8b and earlier"
},
{
"model": "java enterprise system",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2004q2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.10"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "java system web server",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "6.0 sp10 and earlier"
},
{
"model": "jdk",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.3.1_19 and earlier"
},
{
"model": "jre",
"scope": "lte",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "5.0 update 8 and earlier"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "java enterprise system",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2003q4"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 0.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.9.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com\u203bVicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es\u203bAlexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2006-4339",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4339",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. This vulnerability may allow an attacker to forge RSA signatures. RSA The signature is used to prove that the message origin can be trusted. RSA There is a vulnerability in multiple software that implements that the signature is not verified correctly. For example, SSH , SSL , PGP , X.509 May affect the software.By a remote third party RSA The signature may be forged. This may prevent the validity of the signed message. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. =========================================================== \nUbuntu Security Notice USN-339-1 September 05, 2006\nopenssl vulnerability\nCVE-2006-4339\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.04\nUbuntu 5.10\nUbuntu 6.06 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.04:\n libssl0.9.7 0.9.7e-3ubuntu0.3\n\nUbuntu 5.10:\n libssl0.9.7 0.9.7g-1ubuntu1.2\n\nUbuntu 6.06 LTS:\n libssl0.9.8 0.9.8a-7ubuntu0.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes. \n\nDetails follow:\n\nPhilip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of\nGoogle Security discovered that the OpenSSL library did not\nsufficiently check the padding of PKCS #1 v1.5 signatures if the\nexponent of the public key is 3 (which is widely used for CAs). \n\n\nUpdated packages for Ubuntu 5.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.diff.gz\n Size/MD5: 29738 8ff4b43003645c9cc0340b7aeaa0e943\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.dsc\n Size/MD5: 645 f1d90d6945db3f52eb9e523cd2257cb3\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e.orig.tar.gz\n Size/MD5: 3043231 a8777164bca38d84e5eb2b1535223474\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_amd64.udeb\n Size/MD5: 495170 6ecb42d8f16500657a823c246d90f721\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_amd64.deb\n Size/MD5: 2693394 8554202ca8540221956438754ce83daa\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_amd64.deb\n Size/MD5: 769732 1924597de3a34f244d50812ce47e839f\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_amd64.deb\n Size/MD5: 903646 0da1a7985ac40c27bffd43effcdeb306\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_i386.udeb\n Size/MD5: 433284 3701e85ed202bc56684583e5cdcee090\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_i386.deb\n Size/MD5: 2492646 bbb95c47fede95c469d7fdef9faeedcf\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_i386.deb\n Size/MD5: 2241170 8f890db2ab8675adccb3e5f9e9129c97\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_i386.deb\n Size/MD5: 901102 f43171afd1211d5026a0241abbce7710\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_powerpc.udeb\n Size/MD5: 499392 6c4844845826d244a5062664d725d7f4\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_powerpc.deb\n Size/MD5: 2774414 f275ee27e93d2ddbdf7af62837512b4a\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_powerpc.deb\n Size/MD5: 779388 29c64dab8447a8a79c2b82e6aad0c900\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_powerpc.deb\n Size/MD5: 908166 34dc1579ba2d5543f841ca917c1f7f35\n\nUpdated packages for Ubuntu 5.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2.diff.gz\n Size/MD5: 30435 9ad78dd2d10b6a32b2efa84aeedc1b28\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2.dsc\n Size/MD5: 657 1d871efaeb3b5bafccb17ec8787ae57c\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g.orig.tar.gz\n Size/MD5: 3132217 991615f73338a571b6a1be7d74906934\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_amd64.udeb\n Size/MD5: 498836 bd128f07f8f4ff96c7a4ec0cd01a5a24\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_amd64.deb\n Size/MD5: 2699482 cdefd160fc10ae893743cff5bf872463\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_amd64.deb\n Size/MD5: 773202 41180b2c148cbee6a514ca07d9d8038c\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_amd64.deb\n Size/MD5: 913254 4d7d2b9debbe46c070628174e4359281\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_i386.udeb\n Size/MD5: 430730 904e4e96ab1f84715cdf0db8bd34b5c5\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_i386.deb\n Size/MD5: 2479858 e18443ee7bd4bacf1b2b9e1b64c9733e\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_i386.deb\n Size/MD5: 2203354 799110bb4e00931d801208e97316c2a5\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_i386.deb\n Size/MD5: 904410 d19a02f94c4e321112ba4cc4091ae398\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_powerpc.udeb\n Size/MD5: 476320 0e8146d671c590e6cfb260da7e7bd94e\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_powerpc.deb\n Size/MD5: 2656084 4f5799481d8abb40bc7e5ff712349b33\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_powerpc.deb\n Size/MD5: 752756 24177008d7989591e7a10ce33e4f15e4\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_powerpc.deb\n Size/MD5: 910052 ea5f2afb2b1e05913668d04cb14f4d5a\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_sparc.udeb\n Size/MD5: 452112 7287ea7ed03e385eedc38be06052e554\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_sparc.deb\n Size/MD5: 2569762 159afe6386461da5a10d58594604f923\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_sparc.deb\n Size/MD5: 1791288 d30b69f5e3d3b4b3ca6c889577d4c30a\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_sparc.deb\n Size/MD5: 918074 81e40476e7153055043ee7ae07ab9b15\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1.diff.gz\n Size/MD5: 35264 b4ff10d076548a137e80df0ea6133cf6\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1.dsc\n Size/MD5: 816 1748b5fba8b23850f0a35186e8d80b0b\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a.orig.tar.gz\n Size/MD5: 3271435 1d16c727c10185e4d694f87f5e424ee1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_amd64.udeb\n Size/MD5: 571346 32560c34d375896443908ad44ef37724\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_amd64.deb\n Size/MD5: 2166016 7478ed6526daef015f02e53ecd29c794\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_amd64.deb\n Size/MD5: 1681264 f38fa12908776cad70e4f03f5d82ec52\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_amd64.deb\n Size/MD5: 873938 905d85741bd0f71d997b0ad1da0af1c1\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_amd64.deb\n Size/MD5: 984054 0b7663affd06815eda8f814ce98eddf1\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_i386.udeb\n Size/MD5: 508988 17028f0a0751e40a77199e0727503726\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_i386.deb\n Size/MD5: 2022304 daa0e6b56441e0b2fa71e14de831dc41\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_i386.deb\n Size/MD5: 5046624 d14ffd5dccbba81c666d149b9b80affb\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_i386.deb\n Size/MD5: 2591760 9581e906f3ba5da9983514eca0d10d82\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_i386.deb\n Size/MD5: 975476 840ba1e9f244516df5cf9e5f48667879\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_powerpc.udeb\n Size/MD5: 557516 0ea8220e55677599c9867d9104bee981\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_powerpc.deb\n Size/MD5: 2179304 8356a41ecc095a3a4ec4163f39374bda\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_powerpc.deb\n Size/MD5: 1725322 7a60fe2ec5537c970d80cf5e48db1ebd\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_powerpc.deb\n Size/MD5: 860294 6ba3aadd9a9f930e5c893165bc61ae93\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_powerpc.deb\n Size/MD5: 979370 db3041b4dab69fe48bf2d34d572f4c36\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_sparc.udeb\n Size/MD5: 530316 67e7789eaa5ca6b1edf6408edc7c0835\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_sparc.deb\n Size/MD5: 2091014 a250f9740992c202cd088a0824ceb07a\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_sparc.deb\n Size/MD5: 3939674 4007aa0e07366b2ac9c090409ef22e7b\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_sparc.deb\n Size/MD5: 2089320 672bd1ace848bdb20496ff9ff66a8873\n http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_sparc.deb\n Size/MD5: 987236 ecacd01dc72995f246531c25e783a879\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200609-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL, AMD64 x86 emulation base libraries: RSA signature\n forgery\n Date: September 07, 2006\n Bugs: #146375, #146438\n ID: 200609-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL fails to properly validate PKCS #1 v1.5 signatures. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. \nThe x86 emulation base libraries for AMD64 contain a vulnerable version\nof OpenSSL. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 openssl \u003c 0.9.7k \u003e= 0.9.7k\n 2 emul-x86-linux-baselibs \u003c 2.5.2 \u003e= 2.5.2\n -------------------------------------------------------------------\n # Package 2 [app-emulation/emul-x86-linux-baselibs] only applies\n to AMD64 users. \n\n NOTE: Any packages listed without architecture tags apply to all\n architectures... \n -------------------------------------------------------------------\n 2 affected packages\n -------------------------------------------------------------------\n\nDescription\n===========\n\nDaniel Bleichenbacher discovered that it might be possible to forge\nsignatures signed by RSA keys with the exponent of 3. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7k\"\n\nAll AMD64 x86 emulation base libraries users should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/emul-x86-linux-baselibs-2.5.2\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-4339\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200609-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4339"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "49758"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "49826"
}
],
"trust": 3.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4339",
"trust": 3.0
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.9
},
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 2.6
},
{
"db": "BID",
"id": "19849",
"trust": 2.1
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "25399",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22936",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23841",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21785",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21870",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22934",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22689",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22509",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21927",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "28115",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22733",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22938",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21852",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22932",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21873",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22937",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "41818",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "38568",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21776",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22523",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25649",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21982",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21767",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22232",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22513",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21846",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22949",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21823",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22161",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22940",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21778",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23455",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22948",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21812",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22585",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22545",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24099",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-4224",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4586",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4216",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-5146",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4205",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3730",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4206",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1945",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4744",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0366",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0254",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3453",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4207",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3566",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1815",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2163",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016791",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-000079",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "28549",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVN51615542",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA07-017A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "49758",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "49826",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "PACKETSTORM",
"id": "49758"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"id": "VAR-200110-0185",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32525984999999996
},
"last_update_date": "2024-06-20T22:04:22.404000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Update 2006-007 (10.3.9 Server)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060071039server.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Client PPC)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060071048clientppc.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Server PPC)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060071048serverppc.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Server Universal)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060071048serveruniversal.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Client Intel)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060071048clientintel.html"
},
{
"title": "Security Update 2006-007 (10.3.9 Client)",
"trust": 0.8,
"url": "http://www.apple.com/support/downloads/securityupdate20060071039client.html"
},
{
"title": "Security Update 2006-007",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829-en"
},
{
"title": "Java Release 6 for Mac OS X 10.4",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307177-en"
},
{
"title": "Java Release 6 for Mac OS X 10.4",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307177-ja"
},
{
"title": "Security Update 2006-007",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=304829-ja"
},
{
"title": "BEA07-169.00",
"trust": 0.8,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"title": "BEA07-169.00",
"trust": 0.8,
"url": "http://www.beasys.co.jp/dev2dev/resourcelibrary/advisoriesnotifications/bea07-169.html"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "RSA \u7f72\u540d\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306e\u554f\u984c\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.furukawa.co.jp/fitelnet/topic/x509_attacks.html"
},
{
"title": "HS07-034",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs07-034/index.html"
},
{
"title": "HPSBUX02165",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00794048"
},
{
"title": "HPSBUX02219",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c01070495"
},
{
"title": "HPSBUX02165",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02165.html"
},
{
"title": "HPSBUX02219",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02219.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"title": "1003",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1003"
},
{
"title": "466",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=466"
},
{
"title": "462",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=462"
},
{
"title": "NV06-007",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv06-007.html"
},
{
"title": "CVE-2006-4339",
"trust": 0.8,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"title": "secadv_20060905",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"title": "RHSA-2006:0661",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"title": "SA-200609-01",
"trust": 0.8,
"url": "http://www.sendmail.com/security/advisories/sa-200609-01.txt.asc"
},
{
"title": "SA-200609-01.faq",
"trust": 0.8,
"url": "http://www.sendmail.com/sm/security/sa-200609-01.faq/"
},
{
"title": "786",
"trust": 0.8,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"title": "102686",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"title": "102696",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"title": "102656",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"title": "102648",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102722",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"title": "\u8a3c\u660e\u66f8\u306e\u64cd\u4f5c\u306b\u95a2\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/teamware2007_02.html"
},
{
"title": "Security Update 2006-007 (10.3.9 Client)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060071039client.html"
},
{
"title": "Security Update 2006-007 (10.3.9 Server)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060071039server.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Client Intel)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060071048clientintel.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Client PPC)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060071048clientppc.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Server PPC)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060071048serverppc.html"
},
{
"title": "Security Update 2006-007 (10.4.8 Server Universal)",
"trust": 0.8,
"url": "http://www.apple.com/jp/ftp-info/reference/securityupdate20060071048serveruniversal.html"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "RSA\u7f72\u540d\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20070907.html"
},
{
"title": "HS07-034",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs07-034/index.html"
},
{
"title": "solution 2061730",
"trust": 0.8,
"url": "http://esupport.trendmicro.co.jp/supportjp/viewxml.do?contentid=jp-2061730"
},
{
"title": "InterScan Messaging Security Suite 5.11 Solaris / Linux\u7528 Security Patch \u516c\u958b\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.trendmicro.co.jp/support/news.asp?id=959"
},
{
"title": "RHSA-2006:0661",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0661j.html"
},
{
"title": "TLSA-2006-29",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/tlsa-2006-29j.txt"
},
{
"title": "VU#845620",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/vu845620.html"
},
{
"title": "OOo_3.2.1_Win_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3189"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3193"
},
{
"title": "OOo_3.2.0_Linux_x86-64_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3192"
},
{
"title": "OOo_3.2.1_Linux_x86_install-deb_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3191"
},
{
"title": "OOo_3.2.0_Solaris_x86_install-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3195"
},
{
"title": "OOo_3.2.1_Linux_x86_install-rpm-wJRE_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3190"
},
{
"title": "OOo_3.2.0_MacOS_x86_install_zh-CN",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=3194"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.0
},
{
"problemtype": "CWE-255",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 1.4,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 1.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 1.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 1.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 1.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 1.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 1.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 1.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200609-05.xml"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://dev2dev.bea.com/pub/advisory/238"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01070495"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://jvn.jp/en/jp/jvn51615542/index.html"
},
{
"trust": 1.0,
"url": "http://jvndb.jvn.jp/ja/contents/2012/jvndb-2012-000079.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2007/dec/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21709"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21767"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21776"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21778"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21785"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21791"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21812"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21823"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21846"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21852"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21870"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21873"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21927"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/21982"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22161"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22232"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22509"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22513"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22523"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22545"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22585"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22689"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22711"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22733"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22932"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22934"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22936"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22937"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22938"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22939"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22940"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22949"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23455"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24099"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25399"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25649"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/28115"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/38568"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/41818"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60799"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:19.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200609-18.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016791"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.566955"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.605306"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102686-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201247-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000148.1-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2127.html"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2128.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/40ak-2006-04-fr-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1174"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:161"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:207"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_26_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_61_opera.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
},
{
"trust": 1.0,
"url": "http://www.openbsd.org/errata.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.com/security/advisories/openpkg-sa-2006.018.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.029-bind.html"
},
{
"trust": 1.0,
"url": "http://www.opera.com/support/search/supsearch.dml?index=845"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/28549"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0661.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0062.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0072.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0073.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445231/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/445822/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/450327/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-339-1"
},
{
"trust": 1.0,
"url": "http://www.us.debian.org/security/2006/dsa-1173"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3453"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3566"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3730"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3793"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4205"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4206"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4207"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4216"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4366"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4586"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/5146"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0254"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1815"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1945"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/4224"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2010/0366"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28755"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-616"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11656"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3453"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4032"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta07-017a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23845620"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta07-017a"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4339"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta07-017a.html"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 0.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7g-1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7g-1ubuntu1.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8_0.9.8a-7ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7g-1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7g-1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.8-dbg_0.9.8a-7ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.8-udeb_0.9.8a-7ubuntu0.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.8a-7ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8a-7ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "PACKETSTORM",
"id": "49758"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"db": "PACKETSTORM",
"id": "49758"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "49826"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"date": "2006-09-07T08:57:27",
"db": "PACKETSTORM",
"id": "49758"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-09-08T06:46:12",
"db": "PACKETSTORM",
"id": "49826"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2006-09-05T17:04:00",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2014-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000532"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-044"
},
{
"date": "2018-10-17T21:35:10.617000",
"db": "NVD",
"id": "CVE-2006-4339"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-044"
}
],
"trust": 0.6
}
}
var-201003-1082
Vulnerability from variot
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. libpng Has a specific PNG ( Portable Network Graphics ) There is a problem with the file processing. libpng Contains crafted auxiliary chunks PNG When processing files, a huge amount of memory CPU May use resources. For more information, PNG Development Group Security advisories and Defending Libpng Applications Against Decompression Bombs Please confirm.Disturbance of service operation by a remote third party (DoS) An attack may be carried out. The 'libpng' library is prone to a remote denial-of-service vulnerability. Successful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users. Successful exploits will allow an attacker to obtain potentially sensitive information. Versions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable. This resource consumption may cause applications using the libpng library to hang. The PNG format uses efficient compression to store graphic data and some related data in an auxiliary database. The PNG specification does not limit the number of chunks, limiting their size to 2.147G (2,147,483,647 bytes). Similarly, the specification limits the width and height of graphics to 2.147 billion rows and 2.147 billion columns. Since the deflate compression method can very efficiently compress data streams consisting of repeated single bytes, small PNG files may occupy a large amount of memory when decompressed, forming a \"decompression bomb that exhausts all available memory. For example, for a zTXt block containing 50,000 lines each containing 100 letters Z, the compressed size is about 17k bytes, but the decompressed size is 5M, and the compression ratio is about 300:1. Libpng library uses inefficient memory acquisition method when expanding compressed zTXt, iTXt and iCCP auxiliary data blocks. About 50k malformed iCCP blocks contained in graphic files can be decompressed to 60M, which will hang the browser for about 20 Minutes, a well-crafted malicious block can also hang the browser for even longer, using up all available memory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201010-01
http://security.gentoo.org/
Severity: Normal Title: Libpng: Multiple vulnerabilities Date: October 05, 2010 Bugs: #307637, #324153, #335887 ID: 201010-01
Synopsis
Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.4.3 >= 1.4.3
Description
Multiple vulnerabilities were found in libpng:
-
The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)
-
A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)
-
A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
References
[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201010-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.
b. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later
Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later
Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption. This vulnerability may allow a remote
attacker to execute arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- .
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205
Updated Packages:
Mandriva Linux 2008.0: a490385a7af091254460923d5b370281 2008.0/i586/libpng3-1.2.22-0.4mdv2008.0.i586.rpm 0a24bbf70a2d0acfe67872e0c9d8f709 2008.0/i586/libpng-devel-1.2.22-0.4mdv2008.0.i586.rpm 4606a9e929c6051e122b70ebe2e7bad4 2008.0/i586/libpng-source-1.2.22-0.4mdv2008.0.i586.rpm 694d03d2e8d3bcd07fc0684fd8a6b0c9 2008.0/i586/libpng-static-devel-1.2.22-0.4mdv2008.0.i586.rpm da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 4502fd5d882a47d409bfd0e0bc154c88 2008.0/x86_64/lib64png3-1.2.22-0.4mdv2008.0.x86_64.rpm 91b539a7a3a87d57c1ee1e33921aa787 2008.0/x86_64/lib64png-devel-1.2.22-0.4mdv2008.0.x86_64.rpm f0e202692b44e5ebd09168e307a1ad7b 2008.0/x86_64/lib64png-static-devel-1.2.22-0.4mdv2008.0.x86_64.rpm a5c685aa7aac15155af58211a576e08c 2008.0/x86_64/libpng-source-1.2.22-0.4mdv2008.0.x86_64.rpm da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm
Corporate 4.0: e224d113e77e285d85ff11c55dae9e50 corporate/4.0/i586/libpng3-1.2.8-1.7.20060mlcs4.i586.rpm c0d62f11277442b0d7a909d0c1c53249 corporate/4.0/i586/libpng3-devel-1.2.8-1.7.20060mlcs4.i586.rpm 8ea7ca8ab7bbed8f2683698a3f493d56 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.7.20060mlcs4.i586.rpm 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm
Corporate 4.0/X86_64: a19c0839e78e5d16cc159621ff8e3786 corporate/4.0/x86_64/lib64png3-1.2.8-1.7.20060mlcs4.x86_64.rpm 68d1b5c5174f6de15eb1d68735e45e0f corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm d477b9271f6beba77435121f09dff09d corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 5fe2f05d45ebaac79c58e47429dedceb mnf/2.0/i586/libpng3-1.2.5-10.12.M20mdk.i586.rpm 0ebace3f9758ea06e6471317f95b253f mnf/2.0/i586/libpng3-devel-1.2.5-10.12.M20mdk.i586.rpm 3aa8ba999455eb190979ec7f6f22421a mnf/2.0/i586/libpng3-static-devel-1.2.5-10.12.M20mdk.i586.rpm 1ceca3083b90247ac1d1b68b4bf08f33 mnf/2.0/SRPMS/libpng-1.2.5-10.12.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLp88BmqjQ0CJFipgRAl2vAKCNCYs8gf3lw0tqgRMM6WC87P6roQCfZMU2 M2vZq2Q3ZYYDuZssm6LfxaI= =dFcH -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-913-1 March 16, 2010 libpng vulnerabilities CVE-2009-2042, CVE-2010-0205 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.5
Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.2
Ubuntu 8.10: libpng12-0 1.2.27-1ubuntu0.2
Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.1
Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.1
After a standard system upgrade you need to reboot your computer to effect the necessary changes.
Details follow:
It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042)
It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-0205)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz
Size/MD5: 22337 fa254fcc4cb513e59eb9467abad87cca
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc
Size/MD5: 661 17f3956e31ccadfed0a3bfdc8f5f065a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb
Size/MD5: 842 a5ab55fb1b372c9ac93493fd699b276f
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb
Size/MD5: 114374 1315864425b2dfaea123fe05118de0b0
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb
Size/MD5: 247552 4acf10d5d173d06843cb1dc9b1b894fe
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb
Size/MD5: 69464 1761fb1c524387b8aabd7bd3dccb2eda
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb
Size/MD5: 111916 0043501424d2cee81d5f6229a2b3d166
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb
Size/MD5: 239610 8422b7b137f09b49d27541a87251cce4
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb
Size/MD5: 66948 a8e6db358ed472eb9f18d3b51aed1347
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb
Size/MD5: 111422 a0ea39141ce6319b057db22e9fcaf8d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb
Size/MD5: 245142 d2d7ed0b8fa777fd58fe78345625a1e7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb
Size/MD5: 66386 f65de398bac540da7a25370999eb9643
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb
Size/MD5: 108988 5bad496a668c87614866fe1f04c8c17e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb
Size/MD5: 239972 b3cf4fc712ab063ababdefc5030ad07a
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb
Size/MD5: 63832 148d28886ec7fdb3334196a762daad1c
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz
Size/MD5: 21048 9f9e2ce175afd0a41bfa613c8672a164
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc
Size/MD5: 832 59b9f6994e1bef9b8f83561b70afda00
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb
Size/MD5: 940 e6cfd9d151530dac9ef81148e1690e61
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb
Size/MD5: 190022 6a7c0dfd7c8501f8628178b5b0eee0cd
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb
Size/MD5: 179662 bc60e9256f650d385f0c1d175c14fe80
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb
Size/MD5: 70430 a6782df5314e3c49137b1d3253c2c6b4
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb
Size/MD5: 188650 0d4b87ea55d252a24bc74ebc4d748645
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb
Size/MD5: 171178 9608ecb2bd7697bbf4510822a6c61e32
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb
Size/MD5: 69094 f39b5e822f4da67599876c68904ecad1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb
Size/MD5: 189520 36f70d5b5d6cc10e89323efd72b3e061
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb
Size/MD5: 172882 1b5a5a4d6198c0eb6b14dc89c5a9da19
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb
Size/MD5: 69994 a3e824e57de27f7b7ed1b93ddd6f6917
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb
Size/MD5: 190076 8ec2399126dc45cb9069588dec4f23ef
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb
Size/MD5: 179070 3a16935d6ed3029b636f5a2277470659
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb
Size/MD5: 70556 a2f68773735f91ca14c95fe374a56d7b
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb
Size/MD5: 185426 8755e9f8c1be78dbe2de213d9666fd7f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb
Size/MD5: 173332 f94ff6354e27bda2f21a8a542e77f274
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb
Size/MD5: 65854 2631780a00ee2727264e6d0f477daa83
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz
Size/MD5: 19116 22de419d4a9203e183ccc14813b0d5e2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc
Size/MD5: 1293 bd0ff3a04141fae88c8136f6f9ee63d4
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb
Size/MD5: 934 cdd02e7c09b4bb61bd14670f155f81f4
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb
Size/MD5: 168308 37a5c4970ffd3dc878026e66310bfecc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb
Size/MD5: 255526 df3e911f99e2d64d3246710e0dea9d49
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb
Size/MD5: 72758 6a64efb6a07e32ddfe80bed566e110c8
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb
Size/MD5: 166630 08a7389cb42e41ebba773ecdb9e347fe
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb
Size/MD5: 247664 e39fbb64952529e977b335e308662782
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb
Size/MD5: 71014 9e5c717ed5d4e17d86caabb80221030d
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb
Size/MD5: 167096 ed195852cc2b60cb0ddc9cccf87ed280
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb
Size/MD5: 248616 dc85b020b9a129916f24618d3e27e684
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb
Size/MD5: 71418 e60289ac791f78aae8eb5598a3eacb5a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb
Size/MD5: 167230 5f8b71b3a98b1645727f1f4ae534f960
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb
Size/MD5: 254380 76ea57650fd01eb86a315ca0b73dcdca
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb
Size/MD5: 71582 f9b8803343f2f61bf5f07b1fb4a25918
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb
Size/MD5: 162222 445a3d3abb843e73fbf89fe0520ab664
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb
Size/MD5: 248216 768f20b123d1b0c1c448b3b240245d5c
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb
Size/MD5: 66728 cf376eab6461fdee69f0bbde6d58dc53
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz
Size/MD5: 174503 ffa63cd1b57dc442faff9a65d2f25ee7
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc
Size/MD5: 1296 890ff19ff7b12aa90d0d38c0b1550055
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb
Size/MD5: 936 3dee09961304f1caf76db0995a027b95
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb
Size/MD5: 72778 30622682dc700cba1101384ab84fe7ca
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb
Size/MD5: 168382 4be6ce864bf04169baf7d4b656ea8e02
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb
Size/MD5: 255620 730ed6a69006fa14753ef99f89664d31
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb
Size/MD5: 71084 5a3cc8f7589fae49e91689d85476b193
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb
Size/MD5: 166732 d674a5262197c091d9ca5b2370cff187
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb
Size/MD5: 247744 644a3757529a46d3389e2db18a566f3d
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb
Size/MD5: 71472 662aba7284b732240c2d7bff864eed12
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb
Size/MD5: 167200 47dc03f91b37b73626e026cb7da28b15
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb
Size/MD5: 248706 a01e8fe54d38f4101c6ad0f78eec4a7e
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb
Size/MD5: 71564 96e3fb7342ab462db7a27fbd39a46649
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb
Size/MD5: 167254 90e1cb3da8cc85953442611cf0faaed8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb
Size/MD5: 254444 4b89c89e031c0d4265b1eb3da45f06e9
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb
Size/MD5: 66646 ac9aa1a738ef8ed71bd8b876f1920098
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb
Size/MD5: 162176 06a1b4ab47a39790da4e9b1e0967c1d2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb
Size/MD5: 248222 91cca4c40c4ce6ac41df52ea62e5008a
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz
Size/MD5: 18107 a9bf93cac21b17a3589193ae511b75d2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc
Size/MD5: 1293 dc9a20f9a129ad150f61ec9bb745b039
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb
Size/MD5: 934 3d21bd9bf41fe210303474389cfeb0a8
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb
Size/MD5: 73848 d436fc20150573d565017d9e29141484
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb
Size/MD5: 174886 34607a76ee1ebdd82b5c71068e6e32b2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb
Size/MD5: 265214 f600588bdf4f00731d94ccd8bbc68455
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb
Size/MD5: 70382 7d93414ce0e28351b972605abae92cd1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb
Size/MD5: 171402 2b8f6f1c8e8300c3149c59d1fc107659
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb
Size/MD5: 255250 a033009f8d9a990655437c3d129668bf
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb
Size/MD5: 71012 d3df3a73bf61acb9f1d489a32b3b8a60
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb
Size/MD5: 172126 1b94fcc470ba8878eace85240fae74cf
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb
Size/MD5: 257172 3c3280435a2b7d1817b49cd4a3a14bef
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb
Size/MD5: 72402 e0b80daed7db7e00d2a921ed5708ffe8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb
Size/MD5: 173494 31c424c02fe594bb6cf9acd1bef1763f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb
Size/MD5: 264450 b0546250e1804b0d385bb8eb714cd2da
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb
Size/MD5: 67312 0df0d665eeb40343b9d5485910101786
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb
Size/MD5: 168372 2a079837d6b9f47c41a02340c5d9e27c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb
Size/MD5: 257434 05811c8ff658321e91078f280dacfbe7
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2032-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano April 11, 2010 http://www.debian.org/security/faq
Package : libpng Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2009-2042 CVE-2010-0205 Debian Bugs : 533676 572308
Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-2042
libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.43-1
We recommend that you upgrade your libpng package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc Size/MD5 checksum: 1201 abe81b0d3c4aa7a1fa418e29f2c5b297 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz Size/MD5 checksum: 19687 60ede1843ceb8a1f127c54b847a74dfa
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb Size/MD5 checksum: 880 028b00e28aad8282714776c5dcca64a8
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb Size/MD5 checksum: 86562 d9c50af59951e972557d393409b75bf2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb Size/MD5 checksum: 287752 1d7d84aee223c0933d1a616722607096 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb Size/MD5 checksum: 182436 001ecbf421f70ca521a3968f1d14c874
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb Size/MD5 checksum: 71912 78fbe1a6568671e4c557ec12e29481b0 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb Size/MD5 checksum: 254500 481312a64867f31c363b7fbba9cfe171 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb Size/MD5 checksum: 167864 3d285c20d2f080313f82eb09dcb7261b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb Size/MD5 checksum: 64566 a4a9742190557d14beae40133fb46cf1 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb Size/MD5 checksum: 245438 a16f62e771622e05812172f7c7066504 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb Size/MD5 checksum: 159612 81facf06de458dd6b1e84a78bb1acfc8
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb Size/MD5 checksum: 67028 56fc4199656d239231c7b8d8e035fead http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb Size/MD5 checksum: 245930 9f64181bc16af0ad0de4ba2e86b25706 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb Size/MD5 checksum: 162504 3129e1c2360fcba0309257e2b1dff8ca
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb Size/MD5 checksum: 73858 9d5a53e3258b5149bee68a4d20067bf9 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb Size/MD5 checksum: 169602 12ddce05c84ef675c348a1e64f1a277c http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb Size/MD5 checksum: 261788 9297cb916e57e2f912de3f16bcbae475
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb Size/MD5 checksum: 246968 083d472fd65f884c91dff5926e538342 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb Size/MD5 checksum: 165560 233945ee4b1e442357276431ce495a4c http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb Size/MD5 checksum: 70094 769336f4574678e56931e1a1eaf6be6a
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb Size/MD5 checksum: 305324 42d7265034b84662467bb75456653787 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb Size/MD5 checksum: 111776 ad716022a6a22371bb83f3966ebe17d4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb Size/MD5 checksum: 206866 572b9d18c5adba74a4e5b99714968a60
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb Size/MD5 checksum: 262242 e905771ac3fa905cc03a3ddc8f9872dd http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb Size/MD5 checksum: 68370 4d44877866357a0fd8474fd8fe183616 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb Size/MD5 checksum: 164154 93c02dbae7dfe59b77ce4b683b82eaef
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb Size/MD5 checksum: 166402 1d470464fe2b493aef8d95dde5fd95d8 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb Size/MD5 checksum: 70682 1dd9713672dbac4a7434f1f96a1184b5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb Size/MD5 checksum: 253478 7a87577e07ed0bb9e759b973b2d7cf18
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb Size/MD5 checksum: 73470 52b1a911a81f133a83a387663aa3ffb2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb Size/MD5 checksum: 252988 18b4c8b17b3e30ab6cce89c21c99fbfc http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb Size/MD5 checksum: 169264 601982b9a97707ab05e1f4469cd8e20e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb Size/MD5 checksum: 161562 facd643206903acfa3a503c1d69e9248 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb Size/MD5 checksum: 66032 cbbe521a9a5629987603a57b8c9f35be http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb Size/MD5 checksum: 247212 76b8fe782fd0e5f7546bd535f8d442bc
These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201003-1082",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.3,
"vendor": "suse",
"version": "9"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "12"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "13"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.2"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "8.10"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.5"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.0"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.2.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "11"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "lt",
"trust": 1.0,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "9.04"
},
{
"model": "libpng",
"scope": "gte",
"trust": 1.0,
"vendor": "libpng",
"version": "1.0.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.0.52"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.9,
"vendor": "libpng",
"version": "1.2.13"
},
{
"model": "lunascape",
"scope": "eq",
"trust": 0.8,
"vendor": "lunascape",
"version": "6"
},
{
"model": "libpng",
"scope": "lte",
"trust": 0.8,
"vendor": "png group",
"version": "1.4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "2.5.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "3.1.x"
},
{
"model": "server",
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.5.x"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "7.1.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6 to v10.6.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11 express"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "pictbear",
"scope": "lt",
"trust": 0.8,
"vendor": "fenrir",
"version": "2.01"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.46"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.47"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.2.11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.48"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.2.23"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.51"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.6,
"vendor": "libpng",
"version": "1.0.50"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.2"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8126538"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.24"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4246459"
},
{
"model": "linux enterprise sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.25"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.17"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.43"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7"
},
{
"model": "intuity audix",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.16"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.18"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.8"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "messaging storage server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2203138"
},
{
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.13"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4.1"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.4246459"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5118166"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5118166"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.33"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.21"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "linux enterprise sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "solaris express",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "11"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.43"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.8"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.20"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.36"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.14"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.691891"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10203137"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.6"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.12"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.32"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.8"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.27"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.9"
},
{
"model": "libpng",
"scope": "ne",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.53"
},
{
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "linux enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "3.1.2301548"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.11"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.22"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3185404"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1.2301548"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.9156507"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.7108231"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3185404"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.34"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.18"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "server build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1156745"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.10"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.42"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "7.1"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.16"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.5"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "beta01",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.17"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "beta19",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.4"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.3"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.0.15"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.35"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.37"
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "player build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2156735"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.26"
},
{
"model": "libpng",
"scope": "eq",
"trust": 0.3,
"vendor": "libpng",
"version": "1.2.19"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "38478"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:lunascape:lunascape",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:libpng:libpng",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:player",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:vmware:workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:oracle:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fenrir-inc:pictbear",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Glenn Randers-Pehrson",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-0205",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-0205",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-42810",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-0205",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#576029",
"trust": 0.8,
"value": "0.85"
},
{
"author": "NVD",
"id": "CVE-2010-0205",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201003-024",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-42810",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2010-0205",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a \"decompression bomb\" attack. libpng Has a specific PNG ( Portable Network Graphics ) There is a problem with the file processing. libpng Contains crafted auxiliary chunks PNG When processing files, a huge amount of memory CPU May use resources. For more information, PNG Development Group Security advisories and Defending Libpng Applications Against Decompression Bombs Please confirm.Disturbance of service operation by a remote third party (DoS) An attack may be carried out. The \u0027libpng\u0027 library is prone to a remote denial-of-service vulnerability. \nSuccessful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users. \nSuccessful exploits will allow an attacker to obtain potentially sensitive information. \nVersions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable. This resource consumption may cause applications using the libpng library to hang. The PNG format uses efficient compression to store graphic data and some related data in an auxiliary database. The PNG specification does not limit the number of chunks, limiting their size to 2.147G (2,147,483,647 bytes). Similarly, the specification limits the width and height of graphics to 2.147 billion rows and 2.147 billion columns. Since the deflate compression method can very efficiently compress data streams consisting of repeated single bytes, small PNG files may occupy a large amount of memory when decompressed, forming a \\\"decompression bomb that exhausts all available memory. For example, for a zTXt block containing 50,000 lines each containing 100 letters Z, the compressed size is about 17k bytes, but the decompressed size is 5M, and the compression ratio is about 300:1. Libpng library uses inefficient memory acquisition method when expanding compressed zTXt, iTXt and iCCP auxiliary data blocks. About 50k malformed iCCP blocks contained in graphic files can be decompressed to 60M, which will hang the browser for about 20 Minutes, a well-crafted malicious block can also hang the browser for even longer, using up all available memory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201010-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Libpng: Multiple vulnerabilities\n Date: October 05, 2010\n Bugs: #307637, #324153, #335887\n ID: 201010-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libpng might lead to privilege escalation\nor a Denial of Service. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.4.3 \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n [ 1 ] CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n [ 2 ] CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n [ 3 ] CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. This vulnerability may allow a remote\n attacker to execute arbitrary code. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. \n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n a490385a7af091254460923d5b370281 2008.0/i586/libpng3-1.2.22-0.4mdv2008.0.i586.rpm\n 0a24bbf70a2d0acfe67872e0c9d8f709 2008.0/i586/libpng-devel-1.2.22-0.4mdv2008.0.i586.rpm\n 4606a9e929c6051e122b70ebe2e7bad4 2008.0/i586/libpng-source-1.2.22-0.4mdv2008.0.i586.rpm\n 694d03d2e8d3bcd07fc0684fd8a6b0c9 2008.0/i586/libpng-static-devel-1.2.22-0.4mdv2008.0.i586.rpm \n da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 4502fd5d882a47d409bfd0e0bc154c88 2008.0/x86_64/lib64png3-1.2.22-0.4mdv2008.0.x86_64.rpm\n 91b539a7a3a87d57c1ee1e33921aa787 2008.0/x86_64/lib64png-devel-1.2.22-0.4mdv2008.0.x86_64.rpm\n f0e202692b44e5ebd09168e307a1ad7b 2008.0/x86_64/lib64png-static-devel-1.2.22-0.4mdv2008.0.x86_64.rpm\n a5c685aa7aac15155af58211a576e08c 2008.0/x86_64/libpng-source-1.2.22-0.4mdv2008.0.x86_64.rpm \n da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm\n\n Corporate 4.0:\n e224d113e77e285d85ff11c55dae9e50 corporate/4.0/i586/libpng3-1.2.8-1.7.20060mlcs4.i586.rpm\n c0d62f11277442b0d7a909d0c1c53249 corporate/4.0/i586/libpng3-devel-1.2.8-1.7.20060mlcs4.i586.rpm\n 8ea7ca8ab7bbed8f2683698a3f493d56 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.7.20060mlcs4.i586.rpm \n 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n a19c0839e78e5d16cc159621ff8e3786 corporate/4.0/x86_64/lib64png3-1.2.8-1.7.20060mlcs4.x86_64.rpm\n 68d1b5c5174f6de15eb1d68735e45e0f corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm\n d477b9271f6beba77435121f09dff09d corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm \n 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5fe2f05d45ebaac79c58e47429dedceb mnf/2.0/i586/libpng3-1.2.5-10.12.M20mdk.i586.rpm\n 0ebace3f9758ea06e6471317f95b253f mnf/2.0/i586/libpng3-devel-1.2.5-10.12.M20mdk.i586.rpm\n 3aa8ba999455eb190979ec7f6f22421a mnf/2.0/i586/libpng3-static-devel-1.2.5-10.12.M20mdk.i586.rpm \n 1ceca3083b90247ac1d1b68b4bf08f33 mnf/2.0/SRPMS/libpng-1.2.5-10.12.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLp88BmqjQ0CJFipgRAl2vAKCNCYs8gf3lw0tqgRMM6WC87P6roQCfZMU2\nM2vZq2Q3ZYYDuZssm6LfxaI=\n=dFcH\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-913-1 March 16, 2010\nlibpng vulnerabilities\nCVE-2009-2042, CVE-2010-0205\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.5\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.2\n\nUbuntu 8.10:\n libpng12-0 1.2.27-1ubuntu0.2\n\nUbuntu 9.04:\n libpng12-0 1.2.27-2ubuntu2.1\n\nUbuntu 9.10:\n libpng12-0 1.2.37-1ubuntu0.1\n\nAfter a standard system upgrade you need to reboot your computer to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly initialize memory when\ndecoding certain 1-bit interlaced images. If a user or automated system\nwere tricked into processing crafted PNG images, an attacker could possibly\nuse this flaw to read sensitive information stored in memory. This issue\nonly affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042)\n\nIt was discovered that libpng did not properly handle certain excessively\ncompressed PNG images. If a user or automated system were tricked into\nprocessing a crafted PNG image, an attacker could possibly use this flaw to\nconsume all available resources, resulting in a denial of service. \n(CVE-2010-0205)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz\n Size/MD5: 22337 fa254fcc4cb513e59eb9467abad87cca\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc\n Size/MD5: 661 17f3956e31ccadfed0a3bfdc8f5f065a\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb\n Size/MD5: 842 a5ab55fb1b372c9ac93493fd699b276f\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb\n Size/MD5: 114374 1315864425b2dfaea123fe05118de0b0\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb\n Size/MD5: 247552 4acf10d5d173d06843cb1dc9b1b894fe\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb\n Size/MD5: 69464 1761fb1c524387b8aabd7bd3dccb2eda\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb\n Size/MD5: 111916 0043501424d2cee81d5f6229a2b3d166\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb\n Size/MD5: 239610 8422b7b137f09b49d27541a87251cce4\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb\n Size/MD5: 66948 a8e6db358ed472eb9f18d3b51aed1347\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb\n Size/MD5: 111422 a0ea39141ce6319b057db22e9fcaf8d6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb\n Size/MD5: 245142 d2d7ed0b8fa777fd58fe78345625a1e7\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb\n Size/MD5: 66386 f65de398bac540da7a25370999eb9643\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb\n Size/MD5: 108988 5bad496a668c87614866fe1f04c8c17e\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb\n Size/MD5: 239972 b3cf4fc712ab063ababdefc5030ad07a\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb\n Size/MD5: 63832 148d28886ec7fdb3334196a762daad1c\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz\n Size/MD5: 21048 9f9e2ce175afd0a41bfa613c8672a164\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc\n Size/MD5: 832 59b9f6994e1bef9b8f83561b70afda00\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb\n Size/MD5: 940 e6cfd9d151530dac9ef81148e1690e61\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb\n Size/MD5: 190022 6a7c0dfd7c8501f8628178b5b0eee0cd\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb\n Size/MD5: 179662 bc60e9256f650d385f0c1d175c14fe80\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb\n Size/MD5: 70430 a6782df5314e3c49137b1d3253c2c6b4\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb\n Size/MD5: 188650 0d4b87ea55d252a24bc74ebc4d748645\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb\n Size/MD5: 171178 9608ecb2bd7697bbf4510822a6c61e32\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb\n Size/MD5: 69094 f39b5e822f4da67599876c68904ecad1\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb\n Size/MD5: 189520 36f70d5b5d6cc10e89323efd72b3e061\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb\n Size/MD5: 172882 1b5a5a4d6198c0eb6b14dc89c5a9da19\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb\n Size/MD5: 69994 a3e824e57de27f7b7ed1b93ddd6f6917\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb\n Size/MD5: 190076 8ec2399126dc45cb9069588dec4f23ef\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb\n Size/MD5: 179070 3a16935d6ed3029b636f5a2277470659\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb\n Size/MD5: 70556 a2f68773735f91ca14c95fe374a56d7b\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb\n Size/MD5: 185426 8755e9f8c1be78dbe2de213d9666fd7f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb\n Size/MD5: 173332 f94ff6354e27bda2f21a8a542e77f274\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb\n Size/MD5: 65854 2631780a00ee2727264e6d0f477daa83\n\nUpdated packages for Ubuntu 8.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz\n Size/MD5: 19116 22de419d4a9203e183ccc14813b0d5e2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc\n Size/MD5: 1293 bd0ff3a04141fae88c8136f6f9ee63d4\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb\n Size/MD5: 934 cdd02e7c09b4bb61bd14670f155f81f4\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb\n Size/MD5: 168308 37a5c4970ffd3dc878026e66310bfecc\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb\n Size/MD5: 255526 df3e911f99e2d64d3246710e0dea9d49\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb\n Size/MD5: 72758 6a64efb6a07e32ddfe80bed566e110c8\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb\n Size/MD5: 166630 08a7389cb42e41ebba773ecdb9e347fe\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb\n Size/MD5: 247664 e39fbb64952529e977b335e308662782\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb\n Size/MD5: 71014 9e5c717ed5d4e17d86caabb80221030d\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb\n Size/MD5: 167096 ed195852cc2b60cb0ddc9cccf87ed280\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb\n Size/MD5: 248616 dc85b020b9a129916f24618d3e27e684\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb\n Size/MD5: 71418 e60289ac791f78aae8eb5598a3eacb5a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb\n Size/MD5: 167230 5f8b71b3a98b1645727f1f4ae534f960\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb\n Size/MD5: 254380 76ea57650fd01eb86a315ca0b73dcdca\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb\n Size/MD5: 71582 f9b8803343f2f61bf5f07b1fb4a25918\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb\n Size/MD5: 162222 445a3d3abb843e73fbf89fe0520ab664\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb\n Size/MD5: 248216 768f20b123d1b0c1c448b3b240245d5c\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb\n Size/MD5: 66728 cf376eab6461fdee69f0bbde6d58dc53\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz\n Size/MD5: 174503 ffa63cd1b57dc442faff9a65d2f25ee7\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc\n Size/MD5: 1296 890ff19ff7b12aa90d0d38c0b1550055\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb\n Size/MD5: 936 3dee09961304f1caf76db0995a027b95\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb\n Size/MD5: 72778 30622682dc700cba1101384ab84fe7ca\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb\n Size/MD5: 168382 4be6ce864bf04169baf7d4b656ea8e02\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb\n Size/MD5: 255620 730ed6a69006fa14753ef99f89664d31\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb\n Size/MD5: 71084 5a3cc8f7589fae49e91689d85476b193\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb\n Size/MD5: 166732 d674a5262197c091d9ca5b2370cff187\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb\n Size/MD5: 247744 644a3757529a46d3389e2db18a566f3d\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb\n Size/MD5: 71472 662aba7284b732240c2d7bff864eed12\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb\n Size/MD5: 167200 47dc03f91b37b73626e026cb7da28b15\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb\n Size/MD5: 248706 a01e8fe54d38f4101c6ad0f78eec4a7e\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb\n Size/MD5: 71564 96e3fb7342ab462db7a27fbd39a46649\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb\n Size/MD5: 167254 90e1cb3da8cc85953442611cf0faaed8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb\n Size/MD5: 254444 4b89c89e031c0d4265b1eb3da45f06e9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb\n Size/MD5: 66646 ac9aa1a738ef8ed71bd8b876f1920098\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb\n Size/MD5: 162176 06a1b4ab47a39790da4e9b1e0967c1d2\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb\n Size/MD5: 248222 91cca4c40c4ce6ac41df52ea62e5008a\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz\n Size/MD5: 18107 a9bf93cac21b17a3589193ae511b75d2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc\n Size/MD5: 1293 dc9a20f9a129ad150f61ec9bb745b039\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb\n Size/MD5: 934 3d21bd9bf41fe210303474389cfeb0a8\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb\n Size/MD5: 73848 d436fc20150573d565017d9e29141484\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb\n Size/MD5: 174886 34607a76ee1ebdd82b5c71068e6e32b2\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb\n Size/MD5: 265214 f600588bdf4f00731d94ccd8bbc68455\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb\n Size/MD5: 70382 7d93414ce0e28351b972605abae92cd1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb\n Size/MD5: 171402 2b8f6f1c8e8300c3149c59d1fc107659\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb\n Size/MD5: 255250 a033009f8d9a990655437c3d129668bf\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb\n Size/MD5: 71012 d3df3a73bf61acb9f1d489a32b3b8a60\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb\n Size/MD5: 172126 1b94fcc470ba8878eace85240fae74cf\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb\n Size/MD5: 257172 3c3280435a2b7d1817b49cd4a3a14bef\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb\n Size/MD5: 72402 e0b80daed7db7e00d2a921ed5708ffe8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb\n Size/MD5: 173494 31c424c02fe594bb6cf9acd1bef1763f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb\n Size/MD5: 264450 b0546250e1804b0d385bb8eb714cd2da\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb\n Size/MD5: 67312 0df0d665eeb40343b9d5485910101786\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb\n Size/MD5: 168372 2a079837d6b9f47c41a02340c5d9e27c\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb\n Size/MD5: 257434 05811c8ff658321e91078f280dacfbe7\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2032-1 security@debian.org\nhttp://www.debian.org/security/ Giuseppe Iuculano\nApril 11, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : libpng\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE Id(s) : CVE-2009-2042 CVE-2010-0205\nDebian Bugs : 533676 572308\n\n\nSeveral vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2009-2042\n\nlibpng does not properly parse 1-bit interlaced images with width values\nthat are not divisible by 8, which causes libpng to include\nuninitialized bits in certain rows of a PNG file and might allow remote\nattackers to read portions of sensitive memory via \"out-of-bounds\npixels\" in the file. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.43-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc\n Size/MD5 checksum: 1201 abe81b0d3c4aa7a1fa418e29f2c5b297\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz\n Size/MD5 checksum: 19687 60ede1843ceb8a1f127c54b847a74dfa\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb\n Size/MD5 checksum: 880 028b00e28aad8282714776c5dcca64a8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb\n Size/MD5 checksum: 86562 d9c50af59951e972557d393409b75bf2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb\n Size/MD5 checksum: 287752 1d7d84aee223c0933d1a616722607096\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb\n Size/MD5 checksum: 182436 001ecbf421f70ca521a3968f1d14c874\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb\n Size/MD5 checksum: 71912 78fbe1a6568671e4c557ec12e29481b0\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb\n Size/MD5 checksum: 254500 481312a64867f31c363b7fbba9cfe171\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb\n Size/MD5 checksum: 167864 3d285c20d2f080313f82eb09dcb7261b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb\n Size/MD5 checksum: 64566 a4a9742190557d14beae40133fb46cf1\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb\n Size/MD5 checksum: 245438 a16f62e771622e05812172f7c7066504\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb\n Size/MD5 checksum: 159612 81facf06de458dd6b1e84a78bb1acfc8\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb\n Size/MD5 checksum: 67028 56fc4199656d239231c7b8d8e035fead\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb\n Size/MD5 checksum: 245930 9f64181bc16af0ad0de4ba2e86b25706\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb\n Size/MD5 checksum: 162504 3129e1c2360fcba0309257e2b1dff8ca\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb\n Size/MD5 checksum: 73858 9d5a53e3258b5149bee68a4d20067bf9\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb\n Size/MD5 checksum: 169602 12ddce05c84ef675c348a1e64f1a277c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb\n Size/MD5 checksum: 261788 9297cb916e57e2f912de3f16bcbae475\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb\n Size/MD5 checksum: 246968 083d472fd65f884c91dff5926e538342\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb\n Size/MD5 checksum: 165560 233945ee4b1e442357276431ce495a4c\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb\n Size/MD5 checksum: 70094 769336f4574678e56931e1a1eaf6be6a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb\n Size/MD5 checksum: 305324 42d7265034b84662467bb75456653787\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb\n Size/MD5 checksum: 111776 ad716022a6a22371bb83f3966ebe17d4\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb\n Size/MD5 checksum: 206866 572b9d18c5adba74a4e5b99714968a60\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb\n Size/MD5 checksum: 262242 e905771ac3fa905cc03a3ddc8f9872dd\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb\n Size/MD5 checksum: 68370 4d44877866357a0fd8474fd8fe183616\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb\n Size/MD5 checksum: 164154 93c02dbae7dfe59b77ce4b683b82eaef\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb\n Size/MD5 checksum: 166402 1d470464fe2b493aef8d95dde5fd95d8\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb\n Size/MD5 checksum: 70682 1dd9713672dbac4a7434f1f96a1184b5\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb\n Size/MD5 checksum: 253478 7a87577e07ed0bb9e759b973b2d7cf18\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb\n Size/MD5 checksum: 73470 52b1a911a81f133a83a387663aa3ffb2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb\n Size/MD5 checksum: 252988 18b4c8b17b3e30ab6cce89c21c99fbfc\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb\n Size/MD5 checksum: 169264 601982b9a97707ab05e1f4469cd8e20e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb\n Size/MD5 checksum: 161562 facd643206903acfa3a503c1d69e9248\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb\n Size/MD5 checksum: 66032 cbbe521a9a5629987603a57b8c9f35be\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb\n Size/MD5 checksum: 247212 76b8fe782fd0e5f7546bd535f8d442bc\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0205"
},
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
}
],
"trust": 3.33
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42810",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42810"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#576029",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2010-0205",
"trust": 3.5
},
{
"db": "BID",
"id": "38478",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "38774",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0517",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "39251",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "41574",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "62670",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1023674",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0667",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2491",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0626",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0686",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1107",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0682",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0605",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0637",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0847",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "94522",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "87569",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42810",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0847",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/1107",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0667",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0605",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/2491",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0626",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0517",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0686",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0682",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2010/0637",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-0205",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "87557",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "87345",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "88286",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"id": "VAR-201003-1082",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42810"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T19:26:29.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435"
},
{
"title": "HT4435",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
},
{
"title": "libpng-1.2.10-7.1.3.0.1.AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
},
{
"title": "Security Advisory for libpng-1.4.0 and earlier, 27 February 2010",
"trust": 0.8,
"url": "http://libpng.sourceforge.net/ADVISORY-1.4.1.html"
},
{
"title": "Defending Libpng Applications Against Decompression Bombs",
"trust": 0.8,
"url": "http://libpng.sourceforge.net/decompression_bombs.html"
},
{
"title": "\u3010JVN \u306b\u63b2\u8f09\u3055\u308c\u305f\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u3011",
"trust": 0.8,
"url": "http://ja.bbs.luna.tv/viewtopic.php?f=68\u0026t=3721"
},
{
"title": "2078",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
},
{
"title": "2079",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
},
{
"title": "RHSA-2010:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html"
},
{
"title": "multiple_vulnerabilities_in_libpng",
"trust": 0.8,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
},
{
"title": "VMSA-2010-0014",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"title": "pictbear",
"trust": 0.8,
"url": "http://www.fenrir.co.jp/pictbear/"
},
{
"title": "libpng-1.4.1.tar.bz2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=214"
},
{
"title": "lpng141.zip",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=218"
},
{
"title": "lpng141.7z",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=217"
},
{
"title": "libpng-1.4.1.tar.xz",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=216"
},
{
"title": "libpng-1.4.1.tar.gz",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=215"
},
{
"title": "linpng_txt.zip",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=219"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2010-0205 VU#576029 libpng stalls on highly compressed ancillary chunks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=068ed551f848e5205f1c655154c5d17e"
},
{
"title": "Debian CVElist Bug Report Logs: libpng: CVE-2009-2042 \"out-of-bounds pixels\" vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5f5cf6ccf38dd0426354a95830317f34"
},
{
"title": "Debian Security Advisories: DSA-2032-1 libpng -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7efe228231e53c876f6e76ff8b041bb6"
},
{
"title": "Ubuntu Security Notice: libpng vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-913-1"
},
{
"title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/576029"
},
{
"trust": 2.9,
"url": "http://libpng.sourceforge.net/advisory-1.4.1.html"
},
{
"trust": 2.6,
"url": "http://libpng.sourceforge.net/decompression_bombs.html"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/38478"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/38774"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/0517"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
},
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4435"
},
{
"trust": 1.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2010/dsa-2032"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037237.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037355.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037364.html"
},
{
"trust": 1.8,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037607.html"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:063"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:064"
},
{
"trust": 1.8,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"trust": 1.8,
"url": "http://osvdb.org/62670"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id?1023674"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/39251"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/41574"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"trust": 1.8,
"url": "http://ubuntu.com/usn/usn-913-1"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0605"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0626"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0637"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0667"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0682"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0686"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0847"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/1107"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"trust": 1.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56661"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu331391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu576029/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0205"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
},
{
"trust": 0.3,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100108439"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572308"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/913-1/"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisoiries"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#576029"
},
{
"db": "VULHUB",
"id": "VHN-42810"
},
{
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"db": "BID",
"id": "38478"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"db": "PACKETSTORM",
"id": "94522"
},
{
"db": "PACKETSTORM",
"id": "94244"
},
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "PACKETSTORM",
"id": "87557"
},
{
"db": "PACKETSTORM",
"id": "87345"
},
{
"db": "PACKETSTORM",
"id": "88286"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-03-02T00:00:00",
"db": "CERT/CC",
"id": "VU#576029"
},
{
"date": "2010-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-42810"
},
{
"date": "2010-03-03T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"date": "2010-03-02T00:00:00",
"db": "BID",
"id": "38478"
},
{
"date": "2010-03-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"date": "2010-10-05T22:16:57",
"db": "PACKETSTORM",
"id": "94522"
},
{
"date": "2010-09-25T18:50:30",
"db": "PACKETSTORM",
"id": "94244"
},
{
"date": "2010-03-23T23:16:59",
"db": "PACKETSTORM",
"id": "87569"
},
{
"date": "2010-03-23T22:20:24",
"db": "PACKETSTORM",
"id": "87557"
},
{
"date": "2010-03-17T00:04:21",
"db": "PACKETSTORM",
"id": "87345"
},
{
"date": "2010-04-13T00:25:27",
"db": "PACKETSTORM",
"id": "88286"
},
{
"date": "2010-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"date": "2010-03-03T19:30:00.493000",
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-03-02T00:00:00",
"db": "CERT/CC",
"id": "VU#576029"
},
{
"date": "2020-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-42810"
},
{
"date": "2020-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-0205"
},
{
"date": "2015-04-13T20:16:00",
"db": "BID",
"id": "38478"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001158"
},
{
"date": "2020-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201003-024"
},
{
"date": "2024-11-21T01:11:45.570000",
"db": "NVD",
"id": "CVE-2010-0205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "87569"
},
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libpng stalls on highly compressed ancillary chunks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#576029"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201003-024"
}
],
"trust": 0.6
}
}
var-200609-1501
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-1501",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "53566"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-1501",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-28T20:44:00.159000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.6,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2024-11-21T00:12:26.670000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200110-0275
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172 http://www.mandriva.com/security/
Package : openssl Date : September 28, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. OpenSSL Security Advisory [28th September 2006]
New OpenSSL releases are now available to correct four security issues.
ASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)
Vulnerability
Dr. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack (CVE-2006-2940).
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Acknowledgements
The OpenSSL team thank Tavis Ormandy and Will Drewry of the Google Security Team for reporting this issue.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0275",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : September 28, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. OpenSSL Security Advisory [28th September 2006]\n\nNew OpenSSL releases are now available to correct four security\nissues. \n\n\nASN.1 Denial of Service Attacks (CVE-2006-2937, CVE-2006-2940)\n==============================================================\n\nVulnerability\n-------------\n\nDr. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. This can result in an infinite loop which\nconsumes system memory (CVE-2006-2937). (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. This could be used by an attacker in a denial of\nservice attack (CVE-2006-2940). \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Tavis Ormandy and Will Drewry of the Google\nSecurity Team for reporting this issue. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
}
],
"trust": 5.4
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0275",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-20T19:44:07.717000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-200609-0914
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. This can result in an infinite loop which consumes system memory. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. This could be used by an attacker in a denial of
service attack. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0914",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. This can result in an infinite loop which\n consumes system memory. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
}
],
"trust": 4.95
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "BID",
"id": "20248",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200609-0914",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.30152614
},
"last_update_date": "2024-06-25T11:20:37.419000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
var-201405-0538
Vulnerability from variot
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Multiple VMware products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges on the guest operating system. The following products are affected: VMware Workstation 10.x prior to version 10.0.2 VMware Player 6.x prior to version 6.0.2 VMware Fusion 6.x prior to version 6.0.3 ESXi 5.5 without patch ESXi550-201403102-SG ESXi 5.1 without patch ESXi510-201404102-SG ESXi 5.0 without patch ESXi500-201405102-SG. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2014-0005 Synopsis: VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation Issue date: 2014-05-29 Updated on: 2014-05-29 (initial advisory) CVE numbers: CVE-2014-3793
-
Problem Description
a.
VMware would like to thank Tavis Ormandy from the Google Security
Team for reporting this issue to us. This means that host
memory can not be manipulated from the Guest Operating System.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2014-3793 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
** Workstation 9.x, Player 5.x and Fusion 5.x do not support
Windows 8.1 Guest Operating Systems
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3793
- Change Log
2014-05-29 VMSA-2014-0005 Initial security advisory in conjunction with the release of ESXi 5.0 patches on 2014-05-29
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- fulldisclosure at seclists.org
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html
Twitter https://twitter.com/VMwareSRC
Copyright 2014 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 15337) Charset: utf-8
wj8DBQFTiAIMDEcm8Vbi9kMRAgJiAKCI3namsqifeWwPKML6Gk2u+206PgCg2BFN Ik+PbexzXJiOjs0MAzONaw4= =nKGT -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0538",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "esxi",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "esxi",
"scope": "eq",
"trust": 2.7,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "esxi",
"scope": "eq",
"trust": 2.1,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "player",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.9,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "10.0.1"
},
{
"model": "fusion",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.6,
"vendor": "vmware",
"version": "10.0"
},
{
"model": "workstation",
"scope": "lt",
"trust": 0.8,
"vendor": "vmware",
"version": "10.x"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "fusion",
"scope": "lt",
"trust": 0.8,
"vendor": "vmware",
"version": "6.x"
},
{
"model": "player",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "player",
"scope": "lt",
"trust": 0.8,
"vendor": "vmware",
"version": "6.x"
},
{
"model": "esxi esxi500-20131010",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.01"
},
{
"model": "workstation mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0"
},
{
"model": "workstation build-1379776",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.1"
},
{
"model": "esxi update",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.01"
},
{
"model": "esxi esxi510-20131010",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "player",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "esxi esxi550-20140310",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "esxi esxi500-2014051",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.02"
},
{
"model": "esxi esxi510-20140410",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "fusion",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "esxi esxi510-20140110",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"model": "esxi esxi550-20131210",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
}
],
"sources": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy from the Google Security Team",
"sources": [
{
"db": "BID",
"id": "67737"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-3793",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3793",
"trust": 1.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-590",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to gain elevated privileges on the guest operating system. \nThe following products are affected:\nVMware Workstation 10.x prior to version 10.0.2\nVMware Player 6.x prior to version 6.0.2\nVMware Fusion 6.x prior to version 6.0.3\nESXi 5.5 without patch ESXi550-201403102-SG\nESXi 5.1 without patch ESXi510-201404102-SG\nESXi 5.0 without patch ESXi500-201405102-SG. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nVMware Security Advisory\n\nAdvisory ID: VMSA-2014-0005\nSynopsis: VMware Workstation, Player, Fusion, and ESXi patches address\na guest privilege escalation\nIssue date: 2014-05-29\nUpdated on: 2014-05-29 (initial advisory)\nCVE numbers: CVE-2014-3793\n- -------------------------------------------------------------------------\n\n1. \n\n2. Problem Description\n\n a. \n\n VMware would like to thank Tavis Ormandy from the Google Security\n Team for reporting this issue to us. This means that host\n memory can not be manipulated from the Guest Operating System. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2014-3793 to this issue. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n ** Workstation 9.x, Player 5.x and Fusion 5.x do not support\n Windows 8.1 Guest Operating Systems\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the checksum of your downloaded file. References\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3793\n\n- -------------------------------------------------------------------------\n\n6. Change Log\n\n 2014-05-29 VMSA-2014-0005\n Initial security advisory in conjunction with the release of\n ESXi 5.0 patches on 2014-05-29\n\n- -------------------------------------------------------------------------\n \n7. Contact\n\n E-mail list for product security notifications and announcements:\n http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\n This Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * fulldisclosure at seclists.org\n\n E-mail: security at vmware.com\n PGP key at: http://kb.vmware.com/kb/1055\n\n VMware Security Advisories\n http://www.vmware.com/security/advisories\n\n VMware Security Response Policy\n https://www.vmware.com/support/policies/security_response.html\n\n VMware Lifecycle Support Phases\n https://www.vmware.com/support/policies/lifecycle.html\n \n Twitter\n https://twitter.com/VMwareSRC\n\n Copyright 2014 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: Encryption Desktop 10.3.2 (Build 15337)\nCharset: utf-8\n\nwj8DBQFTiAIMDEcm8Vbi9kMRAgJiAKCI3namsqifeWwPKML6Gk2u+206PgCg2BFN\nIk+PbexzXJiOjs0MAzONaw4=\n=nKGT\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3793"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "BID",
"id": "67737"
},
{
"db": "PACKETSTORM",
"id": "126869"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3793",
"trust": 2.8
},
{
"db": "PACKETSTORM",
"id": "126869",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58894",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1030311",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1030310",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590",
"trust": 0.6
},
{
"db": "BID",
"id": "67737",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "PACKETSTORM",
"id": "126869"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"id": "VAR-201405-0538",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.5
},
"last_update_date": "2022-05-04T09:12:23.053000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "VMSA-2014-0005",
"trust": 0.8,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0005.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0005.html"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1030310"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58894"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1030311"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/126869/vmware-security-advisory-2014-0005.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3793"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3793"
},
{
"trust": 0.3,
"url": "http://www.vmware.com"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/downloadfusion"
},
{
"trust": 0.1,
"url": "https://twitter.com/vmwaresrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3793"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2075521"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2065832"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/lifecycle.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/downloadworkstation"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/2070666"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/go/downloadplayer"
}
],
"sources": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "PACKETSTORM",
"id": "126869"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "67737"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"db": "PACKETSTORM",
"id": "126869"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67737"
},
{
"date": "2014-06-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"date": "2014-05-31T00:00:43",
"db": "PACKETSTORM",
"id": "126869"
},
{
"date": "2014-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"date": "2014-05-31T11:17:00",
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-29T00:00:00",
"db": "BID",
"id": "67737"
},
{
"date": "2014-06-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002691"
},
{
"date": "2014-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-590"
},
{
"date": "2018-10-09T19:47:00",
"db": "NVD",
"id": "CVE-2014-3793"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural VMware Product VMware Tools Guest in OS Vulnerabilities that have been granted permission",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-590"
}
],
"trust": 0.6
}
}
var-200110-0196
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. Three of the vulnerabilities are denials of service, but the other is a buffer overflow that is expected to create remote unauthorized access vulnerabilities in other applications. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0196",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. Three of the vulnerabilities are denials of service,\n but the other is a buffer overflow that is expected to create\n remote unauthorized access vulnerabilities in other applications. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50535"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200110-0196",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-19T20:12:16.511000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-533"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-533"
}
],
"trust": 0.6
}
}
var-200110-0171
Vulnerability from variot
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
TITLE: gzip Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA21996
VERIFY ADVISORY: http://secunia.com/advisories/21996/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Tavis Ormandy has reported some vulnerabilities in gzip, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
1) A boundary error within the "make_table()" function in unlzh.c can be used to modify certain stack data. tricking a user or automated system into unpacking a specially crafted archive file. tricking a user or automated system into unpacking a specially crafted "pack" archive file.
3) A buffer overflow within the "make_table()" function of gzip's LZH support can be exploited to cause a DoS and potentially to compromise a vulnerable system by e.g. tricking a user or automated system into unpacking an archive containing a specially crafted decoding table.
4) A NULL pointer dereference within the "huft_build()" function and an infinite loop within the LZH handling can be exploited to cause a DoS by e.g. tricking a user or automated system into unpacking a specially crafted archive file.
The vulnerabilities have been reported in version 1.3.5.
SOLUTION: Do not unpack untrusted archive files.
PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy, Google Security Team
ORIGINAL ADVISORY: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676
OTHER REFERENCES: US-CERT VU#554780: http://www.kb.cert.org/vuls/id/554780
US-CERT VU#381508: http://www.kb.cert.org/vuls/id/381508
US-CERT VU#773548: http://www.kb.cert.org/vuls/id/773548
US-CERT VU#933712: http://www.kb.cert.org/vuls/id/933712
US-CERT VU#596848 http://www.kb.cert.org/vuls/id/596848
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Background
The Mozilla Network Security Service is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates. This impacts any software using the NSS library, like the Mozilla products Firefox, Thunderbird and Seamonkey. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1192-1 security@debian.org http://www.debian.org/security/ Martin Schulze October 6th, 2006 http://www.debian.org/security/faq
Package : mozilla Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566 CVE-2006-4568 CVE-2006-4570 CVE-2006-4571 BugTraq ID : 20042
Several security related problems have been discovered in Mozilla and derived products.
CVE-2006-4340
Daniel Bleichenbacher recently described an implementation error
in RSA signature verification that cause the application to
incorrectly trust SSL certificates.
CVE-2006-4570
Georgi Guninski demonstrated that even with JavaScript disabled in
mail (the default) an attacker can still execute JavaScript when a
mail message is viewed, replied to, or forwarded.
For the stable distribution (sarge) these problems have been fixed in version 1.7.8-1sarge7.3.1.
We recommend that you upgrade your Mozilla package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.dsc
Size/MD5 checksum: 1131 d15b48d8e6d5bb470cffefdb98fd8c58
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.diff.gz
Size/MD5 checksum: 565099 9539b911c438e419cee16fdce5ccebb1
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz
Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 168064 ebdd93280990a822fe619b20d2c5651b
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 147992 527d6cfc2f148b2b57a5710e927d2f7d
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 184944 6b61d08d769e011cbd2c90e8fb45c13b
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 857794 f734aa2ccf548cd02f29c41af248191b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 1038 03fa5f515ce9cf9ee8b6909112e67241
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 11492210 6370fe9a4502211f03d1c556db10a9a9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 403278 be6c2e243d2690311b9ebd3f39d0699d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 158336 6e0d851b64e2eef0a971ec836bf1d8be
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 3358952 739167a1d53ef3fea8d48ac68a0ff985
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 122296 6fdf00b74974a4e264d5ad8cc211d10a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 204154 17bc334d8f76a7f53f4e1bf8487dc47a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 1937186 381885d5a06821864c32f351b37dc906
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_alpha.deb
Size/MD5 checksum: 212632 bb11ae317c16108ca9320317eef099c7
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 168068 a6ec123adfd2fcbf9408596b5c73b9d4
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 147080 9152fff3ba0fbf2a2bf5460d8c96cb5f
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 184956 524afa513ee220128c8524c1205ef8f5
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 715998 08791e74ecdf20de41e5f19d94a716ca
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 1036 6742c0d8e01ba7280ee2517b02a0692a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 10958842 2dd4d59281c666921689dab18cc97a7f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 403286 ae407a2bc00ed600a3e4381bf4b2f5fa
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 158332 9dc4bdb8e22d6a43a426768e1159465a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 3352976 007632e26f24148508945746e9b38808
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 121182 0b6333f64e2c554b0714ab2300a231f2
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 204176 ddf17971c28fb17165bc67136e899437
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 1936044 5595ca57ce7bad38f20e8d096e263719
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_amd64.deb
Size/MD5 checksum: 204450 d2da3c40abbd17b414db5eae5075dbd5
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 168072 ff2516439a6a9142f390711efb348ad8
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 125426 a4c096f68b567473cedf980a41b7841e
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 184972 958ce2289c9f9001c05c6fcbcb5c8a71
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 633292 f9ae3102e3e1db4c7193cc647108affc
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 1038 c615211b7d148e6914ccc8206ae72269
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 9220338 f018149aeceba69d07abd6ccf40511f8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 403324 791115daa9842a854c101152b2aa53e8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 158364 ea384cea48bab4655a5b155b670dcbbe
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 3342410 147a1d3e30e68d492d1606d8f5b75e8b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 112668 151c1100ded9a89a7dca01496f657bde
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 204172 ed28f22bc9063cd418041f1212cc3a01
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 1604524 311d5cd9eaab1aaa9bb10ec44f1b43b8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_arm.deb
Size/MD5 checksum: 169016 e827fe7370f7f3766230765c66e1b9ed
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 168070 64581dd9cc92cd679ee2fc0ee61db9f5
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 157996 716faceb18fb7018141b84f51c6503a7
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 184952 10cf87ce4aac77800d045012455f52b7
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 756042 44e58475246ab2da5fce46332b9bed8f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 1042 5cbd847400e085f61ce114727dc400e6
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 12176912 0d2a27beadca59f8eb2102d1a032b351
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 403290 0640f6da79eab04ce3fb60f52f235763
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 158358 c748bbf13608c462fa51a7c200344324
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 3359202 f9182415beea6800a2799ef66853f001
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 123514 efafd42607f1d4219906f39f1153f56d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 204170 5f500679a2fbb03620fe96e5a9e66615
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 2135248 fbdad52922d54cbbd93b2c07435f114b
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_hppa.deb
Size/MD5 checksum: 216440 bfbe9cda6e01d1f17872512935be0699
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 170352 93c0132757c2f5927cbcd3edbc6c50e1
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 137902 746c7c10db2d40314da82cfbfe68b21b
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 187134 448048f13343dd917bf8e5b4aebc9c6c
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 662738 c6c6a485eddccd6827e459d5a3ef1802
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 1032 7dba2a502de330766b38b3de3415bb96
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 10349414 3433a083e8caf92aeccd640fa8e3051c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 403516 f2bf1fe26de0867f652d0279ee09a2ce
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 158364 5efe6a701d8ec73f9b68c99f6ed8743a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 3595032 20d25e4e398ee8e061023c051202ead0
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 116690 832936b80e72faa976f9b88cf7bbce1e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 204166 8232c7007d5674ec81cadb21e1152192
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 1816124 d86ab51a3bae24c0c15812c09a6d5aca
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_i386.deb
Size/MD5 checksum: 192792 f6aa69247beb6d659fceeda712570211
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 168064 c7e380c8c28cb27c75f0eb4f5308ce0f
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 175418 51df9210069ec76233e987faf7332f73
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 184940 fa8414c133c69fcbc757eb5a973fd619
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 968238 1325acd2d3c6cd55da5862c4cc37c7e7
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 1034 7cb96d17eca85528e75571e908eea762
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 12965968 c806fe57cad11be3e517ae32a9bf8a74
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 403278 38b8e1dee5235aba18f4481e8358e17a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 158342 92e3349223f0ce8018df4a5e3dd3d284
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 3378668 afbbe0a2a0388afa336f0fa5b2e9b375
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 125586 f628ec3a2a0e9ffd882349a4748b5bb5
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 204164 b64822e5541dbf9ce18c25c3c57a727c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 2302358 89a93b8c9f670c25508881335159d695
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_ia64.deb
Size/MD5 checksum: 242930 62fc9a87649de2ecef2a39542c470857
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 168078 c3b7aa1b816f29a98e4a111cb8eee55b
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 127086 70b2e18c48d5fa16a42ea2c230841434
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 184992 b243567f7524c97f6d32ef7acfd419cd
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 601300 39d6c017e68ea837f0ce4da5fed30499
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 1044 70236bff1f5c7409fa727dbb9125aaa0
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 9717226 5ba4f9b972b837b6007874872dd3b352
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 403386 fff7cf6c197cb493e92daf6d41d26e34
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 158420 701da929538dad73aec9fdc68cdcf749
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 3338098 a046f1d0df0784228383a9e8406d7a65
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 114484 669b9051c0991e44bda2db410c91cb95
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 204216 99c53a9c2f2350a4a1a9d39c78054047
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 1683242 aa2ed286b86606c51481d4a51729b1f9
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_m68k.deb
Size/MD5 checksum: 175022 504150e924b5ad04892b29e06646d9e5
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 168068 986e98f644a1ce7e41c8b66ea64a78d3
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 141958 9d48c8ead5b703ec59e151fe015017a9
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 184944 8c22e740e0f30065e3e2555470a7400e
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 727008 4eb13d18c10aba6970877152605932d6
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 1042 a03a2cb21c195c0be9fddc05bc36ae2a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 10738234 765f082c174e71fcf336a1a05d4da21e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 403294 321aad797e8afc4d201f2e2f5b2aa451
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 158346 83a396e806b4d7d0f488081d0f573adf
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 3358822 e9c2a6ec923da290335ca1251b871ea3
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 117644 1b60a2916cd066c5e8ee1bc615b549ba
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 204164 0b7ec0de758949ede920d1fda470b406
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 1795554 1ecdca7f3d0175d64d1320cccb3e4c97
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mips.deb
Size/MD5 checksum: 190110 d507d038190177f2a07a236770596b43
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 168076 daeb11c43fcdae32f8107fc870d413ea
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 141908 58052e46884d461b22cf6308183d8104
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 184954 793c3b33874d48779520cbb302ccf07d
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 716464 ca48760ff0f4621ee9562aa839358520
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 1042 9f3f22a5debbcc2e8dfc009d97e35d2e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 10617798 9fde4aa43c30493758af5c0d27248a85
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 403288 15fd9ac211379c4a53d1a00002f1954d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 158330 62e83130300fef744be42b911f872701
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 3359560 9af2ab0f437e08b5936c7cd56a181b63
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 117204 2c2503930b8b58af5e74ad2d1270591d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 204156 0bb224941755465b55ff6df8cec8cfcb
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 1777612 cbcf8085e6ec3a7ba97b0e751b5345c4
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mipsel.deb
Size/MD5 checksum: 187622 9bc6ba814ade0445aff6d5a9c4d3a696
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 168074 d7b4a7c5bbe3baac5133c3fa1a265e07
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 132428 774701aa5761a72b48719cc3c90b95e7
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 184956 7b79f2e6d9d4cba7c9b8ab88b2232604
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 720214 ef13301949fb2cb87c0f2464220bfad0
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 1042 b11e9180cd97514ea791541dc51c6e5d
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 9711648 8c107826f2ec6cca249be5f1042dea0e
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 403292 12e27826c444ab1f8c5afd88f154fbcb
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 158356 affeb35493057105a7dfd89bba5d40dd
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 3341204 ad03912ca42d8d14ab7b269e30c444b1
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 114582 3c198af3d33673a9d6f2e7c1cec00e4f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 204176 a6d09e9b630d9210a1cf1ffbc81c8569
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 1643154 2d343f903c492177885ee167aa89eb7a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_powerpc.deb
Size/MD5 checksum: 175816 8e2eddbd5631017cb725b69e1e493143
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 168072 181bd53f98bae36e2c65617f7d19d3dd
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 157706 4841fbcddea3c973c0e58f650b02be0a
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 184944 3676098265fe184b29eeaeb5600fb0b0
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 800404 d59043ee3f8de6109ded310eb2676caa
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 1038 f2edb972286fb96d781b6eedda318047
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 11339772 1d4d0d4737b0da240db0aa3d64f740de
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 403280 4a628c6906de57be839683efc0e75385
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 158330 d948a64b56af65bcef8ea69095d2c7f0
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 3353612 fdd6c8b25715b6bd4a19afa9a1f6d6de
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 121366 c9a927eaf8fdd5e81ec5e4ccd65cbfcc
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 204170 db1baf6a69237d2ad992312f7e49e06f
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 1944792 7c2ccc266fed2030012e957b1e8468b5
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_s390.deb
Size/MD5 checksum: 213644 610bee894928b26d2b807525e5cae97e
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 168068 6fcfd42726a291edb1cfd61e2f11a984
http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 129660 f339731cd85d092184e8d645692b6a46
http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 184956 753e6c5c8897c8b295069be4aedcc55b
http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 674042 57126ff0e746ea6353e94c9cd12f19de
http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 1040 c67300bde176389372c7fc1c165f5976
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 9384000 d747594bfa533f6df4021ec0230289f2
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 403286 4be3db86d8867bb882fee94008bc5246
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 158348 549784d01068073683bc83977403e545
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 3342172 b6572f524ddc2f0a90cb1b57ef53066a
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 112514 8dfad0f1400d292cafe84da604f849d8
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 204154 a09ecfc644a8bbb0f8a6d333afbc6b59
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 1583764 1d3bca34a075297f04f503831eea979c
http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_sparc.deb
Size/MD5 checksum: 168194 ad23c724cea9ef75bde64e0d5565e791
These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .
This update provides the latest Firefox to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571 http://www.mozilla.org/security/announce/2006/mfsa2006-57.html http://www.mozilla.org/security/announce/2006/mfsa2006-58.html http://www.mozilla.org/security/announce/2006/mfsa2006-59.html http://www.mozilla.org/security/announce/2006/mfsa2006-60.html http://www.mozilla.org/security/announce/2006/mfsa2006-61.html http://www.mozilla.org/security/announce/2006/mfsa2006-62.html http://www.mozilla.org/security/announce/2006/mfsa2006-64.html
Updated Packages:
Mandriva Linux 2006.0: 4e750ef25e44a1b493d2a61ad5f9a7a2 2006.0/i586/devhelp-0.10-7.2.20060mdk.i586.rpm e6cd690c11d4e8f352d2ce7bf0f7d4be 2006.0/i586/epiphany-1.8.5-4.2.20060mdk.i586.rpm b2f094942eca657f3dc7a8699cb8b776 2006.0/i586/epiphany-devel-1.8.5-4.2.20060mdk.i586.rpm c4ae8fc253aa1fe055ec4c1560205fab 2006.0/i586/epiphany-extensions-1.8.2-3.2.20060mdk.i586.rpm 08cde29a26e6ac2d0e3b629f660db9fe 2006.0/i586/galeon-2.0.1-1.2.20060mdk.i586.rpm 9c94b904a9f2c64090328edd73d0e1fa 2006.0/i586/libdevhelp-1_0-0.10-7.2.20060mdk.i586.rpm b5ad67818794371f50d63a611c79b45b 2006.0/i586/libdevhelp-1_0-devel-0.10-7.2.20060mdk.i586.rpm fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/i586/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm 770e8d6c5643c78f486ae2c115f7c740 2006.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm ffb123d21760cbba92a232dfb1150b7e 2006.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mdk.i586.rpm fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/i586/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/i586/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm 2596f8b787cea221c80a85fd0854f766 2006.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mdk.i586.rpm c912e48bd5138b8f42b24b3c34653a19 2006.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.i586.rpm 1a82466395715237df552070e51f6525 2006.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.i586.rpm 514de0cacb2462a8a6a26206ac18b617 2006.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.i586.rpm 70415104d0814a6e94c1997c0c464957 2006.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.i586.rpm c2b5a360abd1a8a3e78dd8e9df072b4c 2006.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.i586.rpm f8dd2e9e5a5e374782d9154b09ca7b7d 2006.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.i586.rpm a20a2bee8f26440b13294ef6247f66ec 2006.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.i586.rpm c60d356eddf74e8799b239a925b35953 2006.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.i586.rpm 5b4fbc76811530cfc20ef319daf2f577 2006.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.i586.rpm fdc7591dc15dce7e373f4e167fb2c769 2006.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.i586.rpm 00a17b297ea7b7ee31a3fca5d3109ffc 2006.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.i586.rpm 2bee9151bc0e40bf1ff22a9224643dcb 2006.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.i586.rpm 03285b22a86c82b8558467befb5fa04b 2006.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.i586.rpm f9dbe9c8d7b907e6c1a80f0bce2d9323 2006.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.i586.rpm 4e13ea6856a71514c569581e06515ae8 2006.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.i586.rpm 81b56a020127b1e9c41facb963e670be 2006.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.i586.rpm 3a14f0cee1271d5f4cfedc8967a2be45 2006.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.i586.rpm 9612ac69d69114d1da1dc1bfa6530d9b 2006.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.i586.rpm 9a47da16333b9c1d839e19420ab5c3a5 2006.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.i586.rpm ea5b214a43077114d8adaf184ba6ce61 2006.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.i586.rpm ebf899b39e850438dd4cfb1bbab9ba8d 2006.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.i586.rpm 18522be12bdda788de662d07d5a07e08 2006.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.i586.rpm 19a62453c05c0443aa2999a177d50dac 2006.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.i586.rpm 352aa6197b0b79025f5a71a3135d95c9 2006.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.i586.rpm 64b460d997ff70bf0ff50400c20a98e1 2006.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.i586.rpm 1f67f28a68d57baa96523ef05ccd1bbe 2006.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.i586.rpm f5b2681e10e6eb68e4fb9041262b65c5 2006.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.i586.rpm 8d47794342c430b50dc04f7d4c65cf9d 2006.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.i586.rpm d975c5d5ec3c8fed8846f02105ba4795 2006.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.i586.rpm 563d01331a992ec6ded54d5118bc10ad 2006.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.i586.rpm 4da569e782da6c5b98eab4862c335600 2006.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.i586.rpm 4a77a4d9b22704184694a1a0580440f5 2006.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.i586.rpm 0a153e8351a1ffdfadf067cdf9b2ee06 2006.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.i586.rpm e7ed42daf0c68890a34422d8f5b7dcf6 2006.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.i586.rpm 542ce6ba9713683b8a741ab921cd3e45 2006.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.i586.rpm 55c8c83ad72d6289bf1d45ea517b74ba 2006.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.i586.rpm 591beaf9e8abf8911f023fb147efe765 2006.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.i586.rpm 23b9d2502d7cb24aeea82f358a428ec2 2006.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.i586.rpm be8acdc18fe55ea8a9d0afc553bf21d3 2006.0/i586/yelp-2.10.0-6.2.20060mdk.i586.rpm 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 8f79a25451b9f41d48df89f996869cc7 2006.0/x86_64/devhelp-0.10-7.2.20060mdk.x86_64.rpm a9b851ddb7a77ee0f6d73c9a475658e0 2006.0/x86_64/epiphany-1.8.5-4.2.20060mdk.x86_64.rpm 606bb2a3ece209a7c260fd81d776c123 2006.0/x86_64/epiphany-devel-1.8.5-4.2.20060mdk.x86_64.rpm bb99bf7ed2e5608849cb9b0bcac49041 2006.0/x86_64/epiphany-extensions-1.8.2-3.2.20060mdk.x86_64.rpm 6caf5e05026177525d0d04225e5dcc4a 2006.0/x86_64/galeon-2.0.1-1.2.20060mdk.x86_64.rpm 2ef32f51f707beff08db88d61aab842d 2006.0/x86_64/lib64devhelp-1_0-0.10-7.2.20060mdk.x86_64.rpm 50b6716aa33e6065ce0ba0b107fb3a8c 2006.0/x86_64/lib64devhelp-1_0-devel-0.10-7.2.20060mdk.x86_64.rpm 0b3997e3f646af18f684fdce56194ae3 2006.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mdk.x86_64.rpm 75e63b4f3785b8c7fa4924d7f30be921 2006.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm cda6b659c2777c44fdde0ac3ab1fb11b 2006.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm 4f3e6424fa71a629be1b81415fe2b875 2006.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mdk.x86_64.rpm 7bd353454999969148524636267b68c5 2006.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/x86_64/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm 770e8d6c5643c78f486ae2c115f7c740 2006.0/x86_64/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/x86_64/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/x86_64/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm 561212c426f35a3e2393ad3acbf11bda 2006.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mdk.x86_64.rpm a4a76ca919cec68bef5ec0521e4185b2 2006.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.x86_64.rpm e23f698f02d78a8d8b2ac056e91f106a 2006.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.x86_64.rpm 1e815c45fb57ee56bd4d4258a8cda5ad 2006.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.x86_64.rpm 1c348254b80cec87c2b804825cdd8a5d 2006.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.x86_64.rpm 6eac0be09030f9ed629107600bcbf88f 2006.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.x86_64.rpm a06b4569f5392501df97fb209315782f 2006.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.x86_64.rpm 98aac82b44a66047d884b95f251cd6c5 2006.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.x86_64.rpm 9479078391f288562b612afff9cb994e 2006.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm 247dce39896e7230ffda5ca8bc58d736 2006.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.x86_64.rpm a86cb00b8b07cd45a1274ddc318de2bd 2006.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.x86_64.rpm 8ba8f4e4d9fcfef9f3cc4ac71b15c5df 2006.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.x86_64.rpm 4c477d0ef8c843b9416185508c9181a1 2006.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.x86_64.rpm 6e9c4c9c6ba8cfefd32e4d135943824d 2006.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.x86_64.rpm b8046ef3da338188287fa9a8ebfb9515 2006.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.x86_64.rpm 1609e86fa50ef7c5c3ef827bf47090e8 2006.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.x86_64.rpm 5cdf122cafadd7f2125d42246402e29d 2006.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.x86_64.rpm 75f82717c62d51d00ba25abcdf3e26a5 2006.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.x86_64.rpm 75b03be94bdea20dbbf361a3a295e4c9 2006.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.x86_64.rpm 672f36e40f7c5463b5e771bcaeae31af 2006.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.x86_64.rpm 8cf3e2082d406f71c4c7d3f638792e1e 2006.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.x86_64.rpm 4f0f77a0b9fd79a671857fd330933289 2006.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.x86_64.rpm b5c00962987efb764ea77e76c9734c79 2006.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.x86_64.rpm f788aefcdac5b098d8853a3ef4fe146c 2006.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.x86_64.rpm 4afff3966656a65b55290d08d446d864 2006.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.x86_64.rpm e63e4db3037a915ac24dca78e5ae8617 2006.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.x86_64.rpm 7e443e15233a3db5b76ae7c299d1e7d9 2006.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.x86_64.rpm 75ca84a45213c2d33d66b68c649dd875 2006.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.x86_64.rpm 7a8cd126f5f5c63d45efe79a1e78e94d 2006.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.x86_64.rpm 342155314a7801a1637d807e8ae8754d 2006.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.x86_64.rpm 359e5cb75905f2c08b49ecb1eccdf335 2006.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.x86_64.rpm fa480b18d46eaed805f8fe0c92f6a9fe 2006.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.x86_64.rpm 3233bb351b6c89deb25a6722df088e9a 2006.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.x86_64.rpm f1347555bb50e32c58ac3edba31f3d1a 2006.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.x86_64.rpm c20fd1c8861e74829879a63075fdf2f4 2006.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.x86_64.rpm 8c73daea2686e503d3367d112c4c691e 2006.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.x86_64.rpm 59d920837831e1a165ce19447066b4e5 2006.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.x86_64.rpm 869bea0fbfc6b2c65ab525d80aed03b9 2006.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.x86_64.rpm 1b867a3b0b7d8efd86377d0f0dcb67c3 2006.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.x86_64.rpm 12ab7912491456d673058667c8c0dc3a 2006.0/x86_64/yelp-2.10.0-6.2.20060mdk.x86_64.rpm 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm
Corporate 3.0: c106557de1e045e5840a453d710b63e7 corporate/3.0/i586/libnspr4-1.5.0.7-0.1.C30mdk.i586.rpm b5a3de7c01f7a4187f85bc66db242c67 corporate/3.0/i586/libnspr4-devel-1.5.0.7-0.1.C30mdk.i586.rpm 8d1cfeaf1cb031bc1ec4519994801b6a corporate/3.0/i586/libnspr4-static-devel-1.5.0.7-0.1.C30mdk.i586.rpm d08546a25f6e78701feed1d67d53fabd corporate/3.0/i586/libnss3-1.5.0.7-0.1.C30mdk.i586.rpm 3371ded40c0bd1a8e828d9e92aed09fd corporate/3.0/i586/libnss3-devel-1.5.0.7-0.1.C30mdk.i586.rpm 6d635b07ba60ed49fe27d4c633204520 corporate/3.0/i586/mozilla-firefox-1.5.0.7-0.1.C30mdk.i586.rpm aa83aaff11daa5889c9d36c928075341 corporate/3.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.i586.rpm 059c5de9e7a5f658cfbc692c913b3403 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.i586.rpm 63b8a1a7db1568964fe4dc1d32552f52 corporate/3.0/i586/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.i586.rpm cf48e548709250792e5a87c12db71cf1 corporate/3.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.i586.rpm 90c83713c4fd403c9999cf52c56eb282 corporate/3.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.i586.rpm 91279bd7d327c1a3bc0855cb06007f82 corporate/3.0/i586/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.i586.rpm 1fec2333c2988cc7cb7238d5bcf1812d corporate/3.0/i586/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.i586.rpm debf0c0ddd775793cd87fedcaefc5cf7 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.i586.rpm 6e9ec67c3a28bde55146ca1f475cb847 corporate/3.0/i586/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.i586.rpm 53c7defd9f6f8168990e4f4d4fa3a495 corporate/3.0/i586/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.i586.rpm 5ac67c7e12f4edd0429bc2f085e438e6 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.i586.rpm 5d4ac2f2cd3d6aecd52365e54aa85d66 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.i586.rpm aad00d0da3781f7165ed63df0276962d corporate/3.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.i586.rpm c531c8f33674e476980aa2cf112440bc corporate/3.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.i586.rpm 8f33047a9c560757a90831ea415ef814 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.i586.rpm ec0a957af4cd462f58c3d846a37d68b4 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.i586.rpm 1f8f0a6a7f962c1b1cf9d3dec38af0e2 corporate/3.0/i586/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.i586.rpm 354c14637e7df983f16903f46bf81171 corporate/3.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.i586.rpm b9fdd2f2db6f74ef240e23ace3a3a0c3 corporate/3.0/i586/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.i586.rpm 831a3b7c411cc716527dfe1c97d63de2 corporate/3.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.i586.rpm a89843c85143fa62e264f37df634b920 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.i586.rpm 382ff5621db369b06e9d76a41a4fa509 corporate/3.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.i586.rpm 4181358e7b0b84ff907bd5173be137d2 corporate/3.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.i586.rpm 6da617d32c9eb917180eddd62aeabf54 corporate/3.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.i586.rpm c0e559c0dc865c97435a918d77d690dd corporate/3.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.i586.rpm 05a64d9e97c0ec16b661d93e4c49ba93 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.i586.rpm ef2379b44f8e241a7811eee7031e9838 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.i586.rpm 08f36ddea8f0b8ad5decc76b6ebf7106 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.i586.rpm 9af857fcd8a7e98707ae77fcbd17e25d corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.i586.rpm 5b23c90450de3a6ee1b879dafb4e0ebb corporate/3.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.i586.rpm 646d7d7ca0374da1d90c77ff827b7a3b corporate/3.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.i586.rpm 25746d2ce3a97f620f1c098daef474ed corporate/3.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.i586.rpm fb12bfb159f9d9a291e838cb6994daa5 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.i586.rpm 962b2b084cde62a28341c177d006b755 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.i586.rpm 784906446777df1d03ba5ac75e790104 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.i586.rpm 543df7658745731ec6341a1d46901e5e corporate/3.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.i586.rpm ef4728e96d4c1dadc4e9286022c6fc1a corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.i586.rpm f974e234f39298065b5a120da2aad80f corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.i586.rpm da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm
Corporate 3.0/X86_64: 38e5d39281cf8fe28ae400ef6880ed82 corporate/3.0/x86_64/lib64nspr4-1.5.0.7-0.1.C30mdk.x86_64.rpm 8594d09e78d9ec76bed9bb5bf9065a9d corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 88ea20792afc414a8511312fc53c9973 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 0749638fca3fc55a0c84b374c8ddce4c corporate/3.0/x86_64/lib64nss3-1.5.0.7-0.1.C30mdk.x86_64.rpm 3bd450c319eada8936baad026c0e7edc corporate/3.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm 86a6c461d4b783867fbf62dba98b76a0 corporate/3.0/x86_64/mozilla-firefox-1.5.0.7-0.1.C30mdk.x86_64.rpm fa3bdb060dc9933093cd59604e0e9770 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.x86_64.rpm cf50847d5e76e5a9b0cd9c48a156f919 corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.x86_64.rpm 5251818cebcf07fdb025aded5d99f092 corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.x86_64.rpm 1ae9e70895e0bfb45034d2cfa4c937b8 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.x86_64.rpm 3585c137dc33769069e8961fa5a7ae7b corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.x86_64.rpm e10f6d78aa54d325f8a38d7f8729f1ac corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.x86_64.rpm 62bd1fd39df7abf0ce81eb9d711f6d14 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.x86_64.rpm e34c011d455b576e4e27b20d4bc057db corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm aebe66911dac80623339aee380ec165a corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.x86_64.rpm 3c5f109ae088242966604dce6338f07b corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.x86_64.rpm 17ef425bc7fc131b9de3632fb92317d1 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.x86_64.rpm 15ea134fde2b507f46e6e4faf243135f corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.x86_64.rpm ce6f4aa7a0fb1ac425afc5d915bb392d corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.x86_64.rpm 13b0b693682e7def5e320473342cf4a0 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.x86_64.rpm d5fd81f204e46d15b6d1124376ab0930 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.x86_64.rpm cb389fc624d1961cf2ab00488bad7cef corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.x86_64.rpm 3cd572d77c055bf562c3678c513ff3c8 corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.x86_64.rpm ea7215256650d751ae2ce0d20812fa96 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.x86_64.rpm 57fcf8c6e9f251d3eb4f0096ca55cea3 corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.x86_64.rpm d7f6310911b7e049876f7b70c16b8ccc corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.x86_64.rpm 8c0b97b440922510631400b5aea900ac corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.x86_64.rpm 8045c85ca598518aff6c7ead8f3fbf61 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.x86_64.rpm 996d7bb252cf32b3ddce18a90b4bb8d9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.x86_64.rpm 5a3b346110144f79e05c20d13ac90663 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.x86_64.rpm c56729c0896b11a9e49875fe2b493872 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.x86_64.rpm da6306fcba9fba87d98f68208e752bf8 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.x86_64.rpm e94eca882ce53af3086bac6cf70076ea corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.x86_64.rpm 810bc3ca66d52d5537ece20a12679fec corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.x86_64.rpm c97bcde75d8118bb3d6c38428b811cc9 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.x86_64.rpm 629ec7999ae3fd23e36e2c6722847bbe corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.x86_64.rpm ad435041d1138f8a38a0a0739cff18d8 corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.x86_64.rpm f76501363a31bcd388f5edcc80881196 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.x86_64.rpm e400f4b7e77307c8c5ab1bc26691168a corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.x86_64.rpm 126f45e769e463182b4ade57183684c1 corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.x86_64.rpm 160b09d1c10d0b781d8c1a17779432ed corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.x86_64.rpm c5c363d0552c8365bf5dc6a0936d28b2 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.x86_64.rpm c4baf08469f1dbea8924429a7ec7b86e corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.x86_64.rpm b9ce84c78e92b6f5e75954ada2706722 corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.x86_64.rpm da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm
Corporate 4.0: 64a0356cc8f1b1ffcdfdef3d8d146cc5 corporate/4.0/i586/libnspr4-1.5.0.7-0.1.20060mlcs4.i586.rpm 3f0b705031d1e95280e8194338b2d381 corporate/4.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm 1bba2e76f21b670f44ba65f8c92b67e1 corporate/4.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm cb10e515e0fad365a81273a9b620cbc7 corporate/4.0/i586/libnss3-1.5.0.7-0.1.20060mlcs4.i586.rpm 3534b6f0e0b64686aee7b0758ec33daf corporate/4.0/i586/libnss3-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm c3aa90658d2adeb4e6543426c493a0fe corporate/4.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.i586.rpm 122e2ce3928dd2898118533f45f851e1 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.i586.rpm 3ade855a9fc71980eec72c8dbc107ae3 corporate/4.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.i586.rpm c189b7b4b54f4bdf040635750df007f8 corporate/4.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.i586.rpm 360d587d53e2a9c47dfff8a9137f1b4c corporate/4.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.i586.rpm c2fa5da5d44a5f70bb49d5b4ba7e86e6 corporate/4.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.i586.rpm 5df7bf2ff4059259ed0b5ea9f3587cc3 corporate/4.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.i586.rpm 278a321f6ee5928135585f03a05ae642 corporate/4.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.i586.rpm cd37b5dfe36b72fb482be5abc4bbbba7 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm 9b49e02711849a4babedfa63c6aadefb corporate/4.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.i586.rpm d8293192b06e5a91df8314ecba17880e corporate/4.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.i586.rpm 5839e97fa06cca289121be5f33e9286d corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.i586.rpm 34d184e85b53c369a713c08f66e601dc corporate/4.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.i586.rpm ab7b43c629095beee26dbb1381fbff9d corporate/4.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.i586.rpm 79cfc37305b6a3977d7c7333c7e883de corporate/4.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.i586.rpm 7e8f28d446d6e574d8a1521059c03144 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.i586.rpm 0d2dd482cc76fb0df96c0bc5f4fa5844 corporate/4.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.i586.rpm 58959b3a1d43cc2a666361804daa88f1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.i586.rpm ded59cf4be8835dc0ada86add049ed86 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.i586.rpm 8afd66b33e600714238e360a127df36e corporate/4.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.i586.rpm ef6a89b44e3b120f1bae29217728f196 corporate/4.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.i586.rpm 1532d01d8123e87ee1103292ed95f68d corporate/4.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.i586.rpm 8c0667ab59c15a9b66097f5e86df7220 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.i586.rpm bcec75d2b059d123d6c21dae29baee00 corporate/4.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.i586.rpm f5afdfd15e40f4ec6323a8cac098cb78 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.i586.rpm 1544a7236d6a10521f89234feaff9435 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.i586.rpm 53834f537b0eacd3bb59a2ccc6a40ea6 corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.i586.rpm 70171f6ba3c24b51ec29be154e129bce corporate/4.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.i586.rpm 4e64eee4ed44068cb9db5c77730c71b8 corporate/4.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.i586.rpm d990c04de7c285225c51067ff92d8a58 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.i586.rpm 04ee85bd5b28b12466bcd8189d4ae480 corporate/4.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.i586.rpm 222528603f2d88e4e46178620328ac7e corporate/4.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.i586.rpm caacac0ace4c80fbf0d917ea95070114 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.i586.rpm e4aabb47eacf2bcbb517e6890935d4e9 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.i586.rpm e55300aa65e586aba56e5b75c3d0f0d7 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.i586.rpm 8d857f4d255e86e4b1db933ab75a88b5 corporate/4.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.i586.rpm 0d4998a9483e67ad0a484d8535950401 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.i586.rpm 0677248472dd1f219ac4c633b3ae8427 corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.i586.rpm 025ee723e8a157de742313163d8199e6 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.i586.rpm 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: e9362e7e9d164dcf20ac2dd178057783 corporate/4.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 27152d5c4d45cfe65038b90014f4b128 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a520a8169e6f7fa9636c7434820263cc corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 73fa1146e61ddf2baea07f4e51b247a2 corporate/4.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 77c656121a9efaefb5bf8bea7416a190 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 1353fe3c1c7740891cca051691f2a844 corporate/4.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 6e547a34386d9220269f6971df84459b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 37bd5e53ce8bd1196991a1d48c7d3fc2 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.x86_64.rpm d8efb7b371fa3bc9d7dbda4d82bcea69 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a4eb36d0ed16b308bf8146758468f720 corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 1f3f6299c228a51c39dd9036d501baf3 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b7ed3aee73652f317d41612746b7f79e corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.x86_64.rpm aa5e7732031b216f6cc4552b7e5bfe22 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b99863ae0bc816222fec7afd596b4b38 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 22b5ef994c3f38b7b5a63808f0ef9c47 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.x86_64.rpm a5033ebf881cab82e063df8ffe29e22b corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 387dfb400ed59319e932a19e2dd4fe09 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 2a114b7e832d12fad87f2ad76ed89a7d corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm eced7a780c5f758eef5a0f71f43ed261 corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 854bc6729675ed8670330f3da1e520b2 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b73ac49803411c5afb96d87cde8a89c9 corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.x86_64.rpm ca9a93da5b7f4dfc1eca188267891a66 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 267f8dc1ca9e04115050a311eebd00f1 corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 516850fa1de5417fdb96ab50fee1504f corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm ec13f241ff41c46590e31fd8339ffae7 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 00eddff4c17ce23c148cbb2bfd27bc59 corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 896cc9b5af7e66ddbf67ad819083a9aa corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 52a752441fc870f33e792860ec328ecd corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b418b4371503ed9502ca7eab01c6d86e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 801a63774bfd94ac7e292b97bc1c88a6 corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 4998a34e227bcd0de4c64a08198cda13 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 0f809660f4c1e45133fc01003acee854 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm da3f053868769c3d1705158b925a3312 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm b53c13931bdcebb9dec07ccb7512cc0d corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 431f220901edaf32f504ee6dfd7d8262 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 45d21d5351be8762640ae3038458c6b8 corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 3bb59b3ca297d90181276683db70ceb7 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.x86_64.rpm cce30e727a3dba740a537ec0040248f2 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 7221b6655d4061eb29ed5150f87b3706 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm dd7c39076b8bb01d1b4432ba9cb29f12 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.x86_64.rpm cacf45d88765c0c26d7256e5f392c2df corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 703558369cbe9e4920eab509134d3a7e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 817fd873fb5f997916d61b2cf078d2c3 corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm fe95060a37a586f98f5c3683131a9ef2 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.x86_64.rpm 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig38FF09D81E6F0DF2DC736FD8 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable
Gentoo Linux Security Advisory GLSA 200609-19
http://security.gentoo.org/
Severity: Normal Title: Mozilla Firefox: Multiple vulnerabilities Date: September 28, 2006 Bugs: #147652 ID: 200609-19
Synopsis =3D=3D=3D=3D=3D=3D=3D=3D
The Mozilla Foundation has reported numerous vulnerabilities in Mozilla Firefox, including one that may allow execution of arbitrary code.
Background =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Mozilla Firefox is a redesign of the Mozilla Navigator component. The goal is to produce a cross-platform, stand-alone browser application.
Affected packages =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/mozilla-firefox < 1.5.0.7 >=3D 1.5.0.7=
2 www-client/mozilla-firefox-bin < 1.5.0.7 >=3D 1.5.0.7=
-------------------------------------------------------------------
2 affected packages on all of their supported architectures.
-------------------------------------------------------------------
Description =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
A number of vulnerabilities were found and fixed in Mozilla Firefox. For details please consult the references below.
Impact =3D=3D=3D=3D=3D=3D
The most severe vulnerability involves enticing a user to visit a malicious website, crashing the browser and executing arbitrary code with the rights of the user running the application.
Workaround =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
There is no known workaround at this time.
Resolution =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
All Mozilla Firefox users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose=20
">=3Dwww-client/mozilla-firefox-1.5.0.7"
Users of the binary package should upgrade as well:
# emerge --sync
# emerge --ask --oneshot --verbose=20
">=3Dwww-client/mozilla-firefox-bin-1.5.0.7"
References =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
[ 1 ] CVE-2006-4253 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4253 [ 2 ] CVE-2006-4340 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4340 [ 3 ] CVE-2006-4565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4565 [ 4 ] CVE-2006-4566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4566 [ 5 ] CVE-2006-4567 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4567 [ 6 ] CVE-2006-4568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4568 [ 7 ] CVE-2006-4569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4569 [ 8 ] CVE-2006-4571 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4571
Availability =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200609-19.xml
Concerns? =3D=3D=3D=3D=3D=3D=3D=3D=3D
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License =3D=3D=3D=3D=3D=3D=3D
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA06-333A
Apple Releases Security Update to Address Multiple Vulnerabilities
Original release date: November 29, 2006 Last revised: -- Source: US-CERT
Systems Affected
* Apple Mac OS X version 10.3.x and 10.4.x
* Apple Mac OS X Server version 10.3.x and 10.4.x
* Apple Safari web browser
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple has released Security Update 2006-007 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser. Vulnerabilities in OpenSSL, gzip, and other products are also addressed. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.
I. Description
Apple Security Update 2006-007 addresses a number of vulnerabilities affecting Mac OS X, OS X Server, Safari web browser, and other products. Further details are available in the related vulnerability notes.
This security update also addresses previously known vulnerabilities in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL vulnerabilities page. Information about the vulnerabilities in gzip is available in a series of vulnerability notes.
II. Impact
The impacts of these vulnerabilities vary. For specific details, see the appropriate vulnerability notes. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. Solution
Install updates
Install Apple Security Update 2006-007.
IV. References
* Vulnerability Notes for Apple Security Update 2006-007 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple-2006-007>
* Vulnerability Notes for OpenSSL Security Advisory [28th September
2006] -
http://www.kb.cert.org/vuls/byid?searchview&query=openssl_secadv_20060928
* Vulnerability Note VU#845620 -
<http://www.kb.cert.org/vuls/id/845620>
* Vulnerability Note VU#933712 -
<http://www.kb.cert.org/vuls/id/933712>
* Vulnerability Note VU#381508 -
<http://www.kb.cert.org/vuls/id/381508>
* Vulnerability Note VU#554780 -
<http://www.kb.cert.org/vuls/id/554780>
* Vulnerability Note VU#596848 -
<http://www.kb.cert.org/vuls/id/596848>
* Vulnerability Note VU#773548 -
<http://www.kb.cert.org/vuls/id/773548>
* About the security content of Security Update 2006-007 -
<http://docs.info.apple.com/article.html?artnum=304829>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Apple Downloads - <http://www.apple.com/support/downloads/>
* OpenSSL: OpenSSL vulnerabilities -
<http://www.openssl.org/news/vulnerabilities.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Safari>
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-333A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA06-333A Feedback VU#191336" in the subject.
Produced 2006 by US-CERT, a government organization.
Terms of use:
http://www.us-cert.gov/legal.html
Revision History
November 29, 2006: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6 lJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz iN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7 xr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf 8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q A580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg== =f7N+ -----END PGP SIGNATURE----- . Other vulnerabilities include program crashes and the acceptance of forged certificates.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0171",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": "firefox",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "network security services",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "3.11.2"
},
{
"model": "seamonkey",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"model": "thunderbird",
"scope": "lte",
"trust": 1.8,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 x86 for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 x86 for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 x86 for )"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.6,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.6,
"vendor": "mozilla",
"version": "3.11.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.6,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.6,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.11.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4340",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2006-4340",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4340",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4340",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#773548",
"trust": 0.8,
"value": "1.57"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-270",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA21996\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21996/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nTavis Ormandy has reported some vulnerabilities in gzip, which can be\nexploited by malicious people to cause a DoS (Denial of Service) and\npotentially compromise a vulnerable system. \n\n1) A boundary error within the \"make_table()\" function in unlzh.c can\nbe used to modify certain stack data. tricking\na user or automated system into unpacking a specially crafted archive\nfile. tricking a user or\nautomated system into unpacking a specially crafted \"pack\" archive\nfile. \n\n3) A buffer overflow within the \"make_table()\" function of gzip\u0027s LZH\nsupport can be exploited to cause a DoS and potentially to compromise\na vulnerable system by e.g. tricking a user or automated system into\nunpacking an archive containing a specially crafted decoding table. \n\n4) A NULL pointer dereference within the \"huft_build()\" function and\nan infinite loop within the LZH handling can be exploited to cause a\nDoS by e.g. tricking a user or automated system into unpacking a\nspecially crafted archive file. \n\nThe vulnerabilities have been reported in version 1.3.5. \n\nSOLUTION:\nDo not unpack untrusted archive files. \n\nPROVIDED AND/OR DISCOVERED BY:\nTavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676\n\nOTHER REFERENCES:\nUS-CERT VU#554780:\nhttp://www.kb.cert.org/vuls/id/554780\n\nUS-CERT VU#381508:\nhttp://www.kb.cert.org/vuls/id/381508\n\nUS-CERT VU#773548:\nhttp://www.kb.cert.org/vuls/id/773548\n\nUS-CERT VU#933712:\nhttp://www.kb.cert.org/vuls/id/933712\n\nUS-CERT VU#596848\nhttp://www.kb.cert.org/vuls/id/596848\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\nThe Mozilla Network Security Service is a library implementing security\nfeatures like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,\nS/MIME and X.509 certificates. This impacts any software using the NSS library, like the\nMozilla products Firefox, Thunderbird and Seamonkey. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1192-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nOctober 6th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-2788 CVE-2006-4340 CVE-2006-4565 CVE-2006-4566\n CVE-2006-4568 CVE-2006-4570 CVE-2006-4571\nBugTraq ID : 20042\n\nSeveral security related problems have been discovered in Mozilla and\nderived products. \n\nCVE-2006-4340\n\n Daniel Bleichenbacher recently described an implementation error\n in RSA signature verification that cause the application to\n incorrectly trust SSL certificates. \n\nCVE-2006-4570\n\n Georgi Guninski demonstrated that even with JavaScript disabled in\n mail (the default) an attacker can still execute JavaScript when a\n mail message is viewed, replied to, or forwarded. \n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.7.8-1sarge7.3.1. \n\nWe recommend that you upgrade your Mozilla package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.dsc\n Size/MD5 checksum: 1131 d15b48d8e6d5bb470cffefdb98fd8c58\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.diff.gz\n Size/MD5 checksum: 565099 9539b911c438e419cee16fdce5ccebb1\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz\n Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 168064 ebdd93280990a822fe619b20d2c5651b\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 147992 527d6cfc2f148b2b57a5710e927d2f7d\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 184944 6b61d08d769e011cbd2c90e8fb45c13b\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 857794 f734aa2ccf548cd02f29c41af248191b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 1038 03fa5f515ce9cf9ee8b6909112e67241\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 11492210 6370fe9a4502211f03d1c556db10a9a9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 403278 be6c2e243d2690311b9ebd3f39d0699d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 158336 6e0d851b64e2eef0a971ec836bf1d8be\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 3358952 739167a1d53ef3fea8d48ac68a0ff985\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 122296 6fdf00b74974a4e264d5ad8cc211d10a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 204154 17bc334d8f76a7f53f4e1bf8487dc47a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 1937186 381885d5a06821864c32f351b37dc906\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_alpha.deb\n Size/MD5 checksum: 212632 bb11ae317c16108ca9320317eef099c7\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 168068 a6ec123adfd2fcbf9408596b5c73b9d4\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 147080 9152fff3ba0fbf2a2bf5460d8c96cb5f\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 184956 524afa513ee220128c8524c1205ef8f5\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 715998 08791e74ecdf20de41e5f19d94a716ca\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 1036 6742c0d8e01ba7280ee2517b02a0692a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 10958842 2dd4d59281c666921689dab18cc97a7f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 403286 ae407a2bc00ed600a3e4381bf4b2f5fa\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 158332 9dc4bdb8e22d6a43a426768e1159465a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 3352976 007632e26f24148508945746e9b38808\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 121182 0b6333f64e2c554b0714ab2300a231f2\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 204176 ddf17971c28fb17165bc67136e899437\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 1936044 5595ca57ce7bad38f20e8d096e263719\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_amd64.deb\n Size/MD5 checksum: 204450 d2da3c40abbd17b414db5eae5075dbd5\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 168072 ff2516439a6a9142f390711efb348ad8\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 125426 a4c096f68b567473cedf980a41b7841e\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 184972 958ce2289c9f9001c05c6fcbcb5c8a71\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 633292 f9ae3102e3e1db4c7193cc647108affc\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 1038 c615211b7d148e6914ccc8206ae72269\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 9220338 f018149aeceba69d07abd6ccf40511f8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 403324 791115daa9842a854c101152b2aa53e8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 158364 ea384cea48bab4655a5b155b670dcbbe\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 3342410 147a1d3e30e68d492d1606d8f5b75e8b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 112668 151c1100ded9a89a7dca01496f657bde\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 204172 ed28f22bc9063cd418041f1212cc3a01\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 1604524 311d5cd9eaab1aaa9bb10ec44f1b43b8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_arm.deb\n Size/MD5 checksum: 169016 e827fe7370f7f3766230765c66e1b9ed\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 168070 64581dd9cc92cd679ee2fc0ee61db9f5\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 157996 716faceb18fb7018141b84f51c6503a7\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 184952 10cf87ce4aac77800d045012455f52b7\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 756042 44e58475246ab2da5fce46332b9bed8f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 1042 5cbd847400e085f61ce114727dc400e6\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 12176912 0d2a27beadca59f8eb2102d1a032b351\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 403290 0640f6da79eab04ce3fb60f52f235763\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 158358 c748bbf13608c462fa51a7c200344324\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 3359202 f9182415beea6800a2799ef66853f001\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 123514 efafd42607f1d4219906f39f1153f56d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 204170 5f500679a2fbb03620fe96e5a9e66615\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 2135248 fbdad52922d54cbbd93b2c07435f114b\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_hppa.deb\n Size/MD5 checksum: 216440 bfbe9cda6e01d1f17872512935be0699\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 170352 93c0132757c2f5927cbcd3edbc6c50e1\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 137902 746c7c10db2d40314da82cfbfe68b21b\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 187134 448048f13343dd917bf8e5b4aebc9c6c\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 662738 c6c6a485eddccd6827e459d5a3ef1802\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 1032 7dba2a502de330766b38b3de3415bb96\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 10349414 3433a083e8caf92aeccd640fa8e3051c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 403516 f2bf1fe26de0867f652d0279ee09a2ce\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 158364 5efe6a701d8ec73f9b68c99f6ed8743a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 3595032 20d25e4e398ee8e061023c051202ead0\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 116690 832936b80e72faa976f9b88cf7bbce1e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 204166 8232c7007d5674ec81cadb21e1152192\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 1816124 d86ab51a3bae24c0c15812c09a6d5aca\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_i386.deb\n Size/MD5 checksum: 192792 f6aa69247beb6d659fceeda712570211\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 168064 c7e380c8c28cb27c75f0eb4f5308ce0f\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 175418 51df9210069ec76233e987faf7332f73\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 184940 fa8414c133c69fcbc757eb5a973fd619\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 968238 1325acd2d3c6cd55da5862c4cc37c7e7\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 1034 7cb96d17eca85528e75571e908eea762\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 12965968 c806fe57cad11be3e517ae32a9bf8a74\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 403278 38b8e1dee5235aba18f4481e8358e17a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 158342 92e3349223f0ce8018df4a5e3dd3d284\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 3378668 afbbe0a2a0388afa336f0fa5b2e9b375\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 125586 f628ec3a2a0e9ffd882349a4748b5bb5\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 204164 b64822e5541dbf9ce18c25c3c57a727c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 2302358 89a93b8c9f670c25508881335159d695\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_ia64.deb\n Size/MD5 checksum: 242930 62fc9a87649de2ecef2a39542c470857\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 168078 c3b7aa1b816f29a98e4a111cb8eee55b\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 127086 70b2e18c48d5fa16a42ea2c230841434\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 184992 b243567f7524c97f6d32ef7acfd419cd\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 601300 39d6c017e68ea837f0ce4da5fed30499\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 1044 70236bff1f5c7409fa727dbb9125aaa0\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 9717226 5ba4f9b972b837b6007874872dd3b352\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 403386 fff7cf6c197cb493e92daf6d41d26e34\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 158420 701da929538dad73aec9fdc68cdcf749\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 3338098 a046f1d0df0784228383a9e8406d7a65\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 114484 669b9051c0991e44bda2db410c91cb95\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 204216 99c53a9c2f2350a4a1a9d39c78054047\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 1683242 aa2ed286b86606c51481d4a51729b1f9\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_m68k.deb\n Size/MD5 checksum: 175022 504150e924b5ad04892b29e06646d9e5\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 168068 986e98f644a1ce7e41c8b66ea64a78d3\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 141958 9d48c8ead5b703ec59e151fe015017a9\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 184944 8c22e740e0f30065e3e2555470a7400e\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 727008 4eb13d18c10aba6970877152605932d6\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 1042 a03a2cb21c195c0be9fddc05bc36ae2a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 10738234 765f082c174e71fcf336a1a05d4da21e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 403294 321aad797e8afc4d201f2e2f5b2aa451\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 158346 83a396e806b4d7d0f488081d0f573adf\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 3358822 e9c2a6ec923da290335ca1251b871ea3\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 117644 1b60a2916cd066c5e8ee1bc615b549ba\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 204164 0b7ec0de758949ede920d1fda470b406\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 1795554 1ecdca7f3d0175d64d1320cccb3e4c97\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mips.deb\n Size/MD5 checksum: 190110 d507d038190177f2a07a236770596b43\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 168076 daeb11c43fcdae32f8107fc870d413ea\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 141908 58052e46884d461b22cf6308183d8104\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 184954 793c3b33874d48779520cbb302ccf07d\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 716464 ca48760ff0f4621ee9562aa839358520\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 1042 9f3f22a5debbcc2e8dfc009d97e35d2e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 10617798 9fde4aa43c30493758af5c0d27248a85\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 403288 15fd9ac211379c4a53d1a00002f1954d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 158330 62e83130300fef744be42b911f872701\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 3359560 9af2ab0f437e08b5936c7cd56a181b63\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 117204 2c2503930b8b58af5e74ad2d1270591d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 204156 0bb224941755465b55ff6df8cec8cfcb\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 1777612 cbcf8085e6ec3a7ba97b0e751b5345c4\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mipsel.deb\n Size/MD5 checksum: 187622 9bc6ba814ade0445aff6d5a9c4d3a696\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 168074 d7b4a7c5bbe3baac5133c3fa1a265e07\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 132428 774701aa5761a72b48719cc3c90b95e7\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 184956 7b79f2e6d9d4cba7c9b8ab88b2232604\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 720214 ef13301949fb2cb87c0f2464220bfad0\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 1042 b11e9180cd97514ea791541dc51c6e5d\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 9711648 8c107826f2ec6cca249be5f1042dea0e\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 403292 12e27826c444ab1f8c5afd88f154fbcb\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 158356 affeb35493057105a7dfd89bba5d40dd\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 3341204 ad03912ca42d8d14ab7b269e30c444b1\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 114582 3c198af3d33673a9d6f2e7c1cec00e4f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 204176 a6d09e9b630d9210a1cf1ffbc81c8569\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 1643154 2d343f903c492177885ee167aa89eb7a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_powerpc.deb\n Size/MD5 checksum: 175816 8e2eddbd5631017cb725b69e1e493143\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 168072 181bd53f98bae36e2c65617f7d19d3dd\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 157706 4841fbcddea3c973c0e58f650b02be0a\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 184944 3676098265fe184b29eeaeb5600fb0b0\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 800404 d59043ee3f8de6109ded310eb2676caa\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 1038 f2edb972286fb96d781b6eedda318047\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 11339772 1d4d0d4737b0da240db0aa3d64f740de\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 403280 4a628c6906de57be839683efc0e75385\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 158330 d948a64b56af65bcef8ea69095d2c7f0\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 3353612 fdd6c8b25715b6bd4a19afa9a1f6d6de\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 121366 c9a927eaf8fdd5e81ec5e4ccd65cbfcc\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 204170 db1baf6a69237d2ad992312f7e49e06f\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 1944792 7c2ccc266fed2030012e957b1e8468b5\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_s390.deb\n Size/MD5 checksum: 213644 610bee894928b26d2b807525e5cae97e\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 168068 6fcfd42726a291edb1cfd61e2f11a984\n http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 129660 f339731cd85d092184e8d645692b6a46\n http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 184956 753e6c5c8897c8b295069be4aedcc55b\n http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 674042 57126ff0e746ea6353e94c9cd12f19de\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 1040 c67300bde176389372c7fc1c165f5976\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 9384000 d747594bfa533f6df4021ec0230289f2\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 403286 4be3db86d8867bb882fee94008bc5246\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 158348 549784d01068073683bc83977403e545\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 3342172 b6572f524ddc2f0a90cb1b57ef53066a\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 112514 8dfad0f1400d292cafe84da604f849d8\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 204154 a09ecfc644a8bbb0f8a6d333afbc6b59\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 1583764 1d3bca34a075297f04f503831eea979c\n http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_sparc.deb\n Size/MD5 checksum: 168194 ad23c724cea9ef75bde64e0d5565e791\n\n\n These files will probably be moved into the stable distribution on\n its next update. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\n This update provides the latest Firefox to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571\n http://www.mozilla.org/security/announce/2006/mfsa2006-57.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-58.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-59.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-60.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-61.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-62.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-64.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 4e750ef25e44a1b493d2a61ad5f9a7a2 2006.0/i586/devhelp-0.10-7.2.20060mdk.i586.rpm\n e6cd690c11d4e8f352d2ce7bf0f7d4be 2006.0/i586/epiphany-1.8.5-4.2.20060mdk.i586.rpm\n b2f094942eca657f3dc7a8699cb8b776 2006.0/i586/epiphany-devel-1.8.5-4.2.20060mdk.i586.rpm\n c4ae8fc253aa1fe055ec4c1560205fab 2006.0/i586/epiphany-extensions-1.8.2-3.2.20060mdk.i586.rpm\n 08cde29a26e6ac2d0e3b629f660db9fe 2006.0/i586/galeon-2.0.1-1.2.20060mdk.i586.rpm\n 9c94b904a9f2c64090328edd73d0e1fa 2006.0/i586/libdevhelp-1_0-0.10-7.2.20060mdk.i586.rpm\n b5ad67818794371f50d63a611c79b45b 2006.0/i586/libdevhelp-1_0-devel-0.10-7.2.20060mdk.i586.rpm\n fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/i586/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm\n 770e8d6c5643c78f486ae2c115f7c740 2006.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n ffb123d21760cbba92a232dfb1150b7e 2006.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/i586/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm\n 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/i586/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 2596f8b787cea221c80a85fd0854f766 2006.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mdk.i586.rpm\n c912e48bd5138b8f42b24b3c34653a19 2006.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.i586.rpm\n 1a82466395715237df552070e51f6525 2006.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.i586.rpm\n 514de0cacb2462a8a6a26206ac18b617 2006.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.i586.rpm\n 70415104d0814a6e94c1997c0c464957 2006.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.i586.rpm\n c2b5a360abd1a8a3e78dd8e9df072b4c 2006.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.i586.rpm\n f8dd2e9e5a5e374782d9154b09ca7b7d 2006.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.i586.rpm\n a20a2bee8f26440b13294ef6247f66ec 2006.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.i586.rpm\n c60d356eddf74e8799b239a925b35953 2006.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 5b4fbc76811530cfc20ef319daf2f577 2006.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.i586.rpm\n fdc7591dc15dce7e373f4e167fb2c769 2006.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.i586.rpm\n 00a17b297ea7b7ee31a3fca5d3109ffc 2006.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.i586.rpm\n 2bee9151bc0e40bf1ff22a9224643dcb 2006.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.i586.rpm\n 03285b22a86c82b8558467befb5fa04b 2006.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.i586.rpm\n f9dbe9c8d7b907e6c1a80f0bce2d9323 2006.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.i586.rpm\n 4e13ea6856a71514c569581e06515ae8 2006.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.i586.rpm\n 81b56a020127b1e9c41facb963e670be 2006.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.i586.rpm\n 3a14f0cee1271d5f4cfedc8967a2be45 2006.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.i586.rpm\n 9612ac69d69114d1da1dc1bfa6530d9b 2006.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.i586.rpm\n 9a47da16333b9c1d839e19420ab5c3a5 2006.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.i586.rpm\n ea5b214a43077114d8adaf184ba6ce61 2006.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.i586.rpm\n ebf899b39e850438dd4cfb1bbab9ba8d 2006.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.i586.rpm\n 18522be12bdda788de662d07d5a07e08 2006.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.i586.rpm\n 19a62453c05c0443aa2999a177d50dac 2006.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.i586.rpm\n 352aa6197b0b79025f5a71a3135d95c9 2006.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.i586.rpm\n 64b460d997ff70bf0ff50400c20a98e1 2006.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.i586.rpm\n 1f67f28a68d57baa96523ef05ccd1bbe 2006.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.i586.rpm\n f5b2681e10e6eb68e4fb9041262b65c5 2006.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.i586.rpm\n 8d47794342c430b50dc04f7d4c65cf9d 2006.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.i586.rpm\n d975c5d5ec3c8fed8846f02105ba4795 2006.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.i586.rpm\n 563d01331a992ec6ded54d5118bc10ad 2006.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.i586.rpm\n 4da569e782da6c5b98eab4862c335600 2006.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.i586.rpm\n 4a77a4d9b22704184694a1a0580440f5 2006.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.i586.rpm\n 0a153e8351a1ffdfadf067cdf9b2ee06 2006.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.i586.rpm\n e7ed42daf0c68890a34422d8f5b7dcf6 2006.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.i586.rpm\n 542ce6ba9713683b8a741ab921cd3e45 2006.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.i586.rpm\n 55c8c83ad72d6289bf1d45ea517b74ba 2006.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.i586.rpm\n 591beaf9e8abf8911f023fb147efe765 2006.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.i586.rpm\n 23b9d2502d7cb24aeea82f358a428ec2 2006.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.i586.rpm\n be8acdc18fe55ea8a9d0afc553bf21d3 2006.0/i586/yelp-2.10.0-6.2.20060mdk.i586.rpm \n 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm\n bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm\n b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm\n 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm\n 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm\n 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm\n 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 8f79a25451b9f41d48df89f996869cc7 2006.0/x86_64/devhelp-0.10-7.2.20060mdk.x86_64.rpm\n a9b851ddb7a77ee0f6d73c9a475658e0 2006.0/x86_64/epiphany-1.8.5-4.2.20060mdk.x86_64.rpm\n 606bb2a3ece209a7c260fd81d776c123 2006.0/x86_64/epiphany-devel-1.8.5-4.2.20060mdk.x86_64.rpm\n bb99bf7ed2e5608849cb9b0bcac49041 2006.0/x86_64/epiphany-extensions-1.8.2-3.2.20060mdk.x86_64.rpm\n 6caf5e05026177525d0d04225e5dcc4a 2006.0/x86_64/galeon-2.0.1-1.2.20060mdk.x86_64.rpm\n 2ef32f51f707beff08db88d61aab842d 2006.0/x86_64/lib64devhelp-1_0-0.10-7.2.20060mdk.x86_64.rpm\n 50b6716aa33e6065ce0ba0b107fb3a8c 2006.0/x86_64/lib64devhelp-1_0-devel-0.10-7.2.20060mdk.x86_64.rpm\n 0b3997e3f646af18f684fdce56194ae3 2006.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75e63b4f3785b8c7fa4924d7f30be921 2006.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n cda6b659c2777c44fdde0ac3ab1fb11b 2006.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4f3e6424fa71a629be1b81415fe2b875 2006.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7bd353454999969148524636267b68c5 2006.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n fe0707524f8f3b4e1dcfe80c8bec0190 2006.0/x86_64/libnspr4-1.5.0.7-0.1.20060mdk.i586.rpm\n 770e8d6c5643c78f486ae2c115f7c740 2006.0/x86_64/libnspr4-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n fafbff86e6f1d44b7d1ad3e5f1f24860 2006.0/x86_64/libnss3-1.5.0.7-0.1.20060mdk.i586.rpm\n 41c8df68fb4c2d8d37440d1dea73f8c6 2006.0/x86_64/libnss3-devel-1.5.0.7-0.1.20060mdk.i586.rpm\n 561212c426f35a3e2393ad3acbf11bda 2006.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a4a76ca919cec68bef5ec0521e4185b2 2006.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mdk.x86_64.rpm\n e23f698f02d78a8d8b2ac056e91f106a 2006.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1e815c45fb57ee56bd4d4258a8cda5ad 2006.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1c348254b80cec87c2b804825cdd8a5d 2006.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 6eac0be09030f9ed629107600bcbf88f 2006.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a06b4569f5392501df97fb209315782f 2006.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 98aac82b44a66047d884b95f251cd6c5 2006.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 9479078391f288562b612afff9cb994e 2006.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 247dce39896e7230ffda5ca8bc58d736 2006.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mdk.x86_64.rpm\n a86cb00b8b07cd45a1274ddc318de2bd 2006.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8ba8f4e4d9fcfef9f3cc4ac71b15c5df 2006.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4c477d0ef8c843b9416185508c9181a1 2006.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 6e9c4c9c6ba8cfefd32e4d135943824d 2006.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mdk.x86_64.rpm\n b8046ef3da338188287fa9a8ebfb9515 2006.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1609e86fa50ef7c5c3ef827bf47090e8 2006.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 5cdf122cafadd7f2125d42246402e29d 2006.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75f82717c62d51d00ba25abcdf3e26a5 2006.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75b03be94bdea20dbbf361a3a295e4c9 2006.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 672f36e40f7c5463b5e771bcaeae31af 2006.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8cf3e2082d406f71c4c7d3f638792e1e 2006.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4f0f77a0b9fd79a671857fd330933289 2006.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mdk.x86_64.rpm\n b5c00962987efb764ea77e76c9734c79 2006.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mdk.x86_64.rpm\n f788aefcdac5b098d8853a3ef4fe146c 2006.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 4afff3966656a65b55290d08d446d864 2006.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mdk.x86_64.rpm\n e63e4db3037a915ac24dca78e5ae8617 2006.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7e443e15233a3db5b76ae7c299d1e7d9 2006.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 75ca84a45213c2d33d66b68c649dd875 2006.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 7a8cd126f5f5c63d45efe79a1e78e94d 2006.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 342155314a7801a1637d807e8ae8754d 2006.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 359e5cb75905f2c08b49ecb1eccdf335 2006.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mdk.x86_64.rpm\n fa480b18d46eaed805f8fe0c92f6a9fe 2006.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 3233bb351b6c89deb25a6722df088e9a 2006.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n f1347555bb50e32c58ac3edba31f3d1a 2006.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mdk.x86_64.rpm\n c20fd1c8861e74829879a63075fdf2f4 2006.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 8c73daea2686e503d3367d112c4c691e 2006.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 59d920837831e1a165ce19447066b4e5 2006.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 869bea0fbfc6b2c65ab525d80aed03b9 2006.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 1b867a3b0b7d8efd86377d0f0dcb67c3 2006.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mdk.x86_64.rpm\n 12ab7912491456d673058667c8c0dc3a 2006.0/x86_64/yelp-2.10.0-6.2.20060mdk.x86_64.rpm \n 8dd982b67f6a2663b557730db744f74e 2006.0/SRPMS/devhelp-0.10-7.2.20060mdk.src.rpm\n bb825c0cbdca42497eb6d486ca2d2d98 2006.0/SRPMS/epiphany-1.8.5-4.2.20060mdk.src.rpm\n b3bbcb7f0e3dfa05ca9344f2710c3a94 2006.0/SRPMS/epiphany-extensions-1.8.2-3.2.20060mdk.src.rpm\n 7d238bc6883ebbd3e1a284ec06d972df 2006.0/SRPMS/galeon-2.0.1-1.2.20060mdk.src.rpm\n 77efc529087ba7362d54559385d5cc2d 2006.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mdk.src.rpm\n 1143a2a6ab3f937660bf4d11dfb68313 2006.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mdk.src.rpm\n 8b9dd1db87f3824c088f4e1b58eb8224 2006.0/SRPMS/yelp-2.10.0-6.2.20060mdk.src.rpm\n\n Corporate 3.0:\n c106557de1e045e5840a453d710b63e7 corporate/3.0/i586/libnspr4-1.5.0.7-0.1.C30mdk.i586.rpm\n b5a3de7c01f7a4187f85bc66db242c67 corporate/3.0/i586/libnspr4-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 8d1cfeaf1cb031bc1ec4519994801b6a corporate/3.0/i586/libnspr4-static-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n d08546a25f6e78701feed1d67d53fabd corporate/3.0/i586/libnss3-1.5.0.7-0.1.C30mdk.i586.rpm\n 3371ded40c0bd1a8e828d9e92aed09fd corporate/3.0/i586/libnss3-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 6d635b07ba60ed49fe27d4c633204520 corporate/3.0/i586/mozilla-firefox-1.5.0.7-0.1.C30mdk.i586.rpm\n aa83aaff11daa5889c9d36c928075341 corporate/3.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.i586.rpm\n 059c5de9e7a5f658cfbc692c913b3403 corporate/3.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.i586.rpm\n 63b8a1a7db1568964fe4dc1d32552f52 corporate/3.0/i586/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.i586.rpm\n cf48e548709250792e5a87c12db71cf1 corporate/3.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.i586.rpm\n 90c83713c4fd403c9999cf52c56eb282 corporate/3.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.i586.rpm\n 91279bd7d327c1a3bc0855cb06007f82 corporate/3.0/i586/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.i586.rpm\n 1fec2333c2988cc7cb7238d5bcf1812d corporate/3.0/i586/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.i586.rpm\n debf0c0ddd775793cd87fedcaefc5cf7 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.i586.rpm\n 6e9ec67c3a28bde55146ca1f475cb847 corporate/3.0/i586/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.i586.rpm\n 53c7defd9f6f8168990e4f4d4fa3a495 corporate/3.0/i586/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.i586.rpm\n 5ac67c7e12f4edd0429bc2f085e438e6 corporate/3.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.i586.rpm\n 5d4ac2f2cd3d6aecd52365e54aa85d66 corporate/3.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.i586.rpm\n aad00d0da3781f7165ed63df0276962d corporate/3.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.i586.rpm\n c531c8f33674e476980aa2cf112440bc corporate/3.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.i586.rpm\n 8f33047a9c560757a90831ea415ef814 corporate/3.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.i586.rpm\n ec0a957af4cd462f58c3d846a37d68b4 corporate/3.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.i586.rpm\n 1f8f0a6a7f962c1b1cf9d3dec38af0e2 corporate/3.0/i586/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.i586.rpm\n 354c14637e7df983f16903f46bf81171 corporate/3.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.i586.rpm\n b9fdd2f2db6f74ef240e23ace3a3a0c3 corporate/3.0/i586/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.i586.rpm\n 831a3b7c411cc716527dfe1c97d63de2 corporate/3.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.i586.rpm\n a89843c85143fa62e264f37df634b920 corporate/3.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.i586.rpm\n 382ff5621db369b06e9d76a41a4fa509 corporate/3.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.i586.rpm\n 4181358e7b0b84ff907bd5173be137d2 corporate/3.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.i586.rpm\n 6da617d32c9eb917180eddd62aeabf54 corporate/3.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.i586.rpm\n c0e559c0dc865c97435a918d77d690dd corporate/3.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.i586.rpm\n 05a64d9e97c0ec16b661d93e4c49ba93 corporate/3.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.i586.rpm\n ef2379b44f8e241a7811eee7031e9838 corporate/3.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.i586.rpm\n 08f36ddea8f0b8ad5decc76b6ebf7106 corporate/3.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.i586.rpm\n 9af857fcd8a7e98707ae77fcbd17e25d corporate/3.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.i586.rpm\n 5b23c90450de3a6ee1b879dafb4e0ebb corporate/3.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.i586.rpm\n 646d7d7ca0374da1d90c77ff827b7a3b corporate/3.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.i586.rpm\n 25746d2ce3a97f620f1c098daef474ed corporate/3.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.i586.rpm\n fb12bfb159f9d9a291e838cb6994daa5 corporate/3.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.i586.rpm\n 962b2b084cde62a28341c177d006b755 corporate/3.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.i586.rpm\n 784906446777df1d03ba5ac75e790104 corporate/3.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.i586.rpm\n 543df7658745731ec6341a1d46901e5e corporate/3.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.i586.rpm\n ef4728e96d4c1dadc4e9286022c6fc1a corporate/3.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.i586.rpm\n f974e234f39298065b5a120da2aad80f corporate/3.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.i586.rpm \n da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm\n 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 38e5d39281cf8fe28ae400ef6880ed82 corporate/3.0/x86_64/lib64nspr4-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8594d09e78d9ec76bed9bb5bf9065a9d corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 88ea20792afc414a8511312fc53c9973 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 0749638fca3fc55a0c84b374c8ddce4c corporate/3.0/x86_64/lib64nss3-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3bd450c319eada8936baad026c0e7edc corporate/3.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 86a6c461d4b783867fbf62dba98b76a0 corporate/3.0/x86_64/mozilla-firefox-1.5.0.7-0.1.C30mdk.x86_64.rpm\n fa3bdb060dc9933093cd59604e0e9770 corporate/3.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.C30mdk.x86_64.rpm\n cf50847d5e76e5a9b0cd9c48a156f919 corporate/3.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 5251818cebcf07fdb025aded5d99f092 corporate/3.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 1ae9e70895e0bfb45034d2cfa4c937b8 corporate/3.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3585c137dc33769069e8961fa5a7ae7b corporate/3.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e10f6d78aa54d325f8a38d7f8729f1ac corporate/3.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 62bd1fd39df7abf0ce81eb9d711f6d14 corporate/3.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e34c011d455b576e4e27b20d4bc057db corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.C30mdk.x86_64.rpm\n aebe66911dac80623339aee380ec165a corporate/3.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3c5f109ae088242966604dce6338f07b corporate/3.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 17ef425bc7fc131b9de3632fb92317d1 corporate/3.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 15ea134fde2b507f46e6e4faf243135f corporate/3.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ce6f4aa7a0fb1ac425afc5d915bb392d corporate/3.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 13b0b693682e7def5e320473342cf4a0 corporate/3.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.C30mdk.x86_64.rpm\n d5fd81f204e46d15b6d1124376ab0930 corporate/3.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.C30mdk.x86_64.rpm\n cb389fc624d1961cf2ab00488bad7cef corporate/3.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 3cd572d77c055bf562c3678c513ff3c8 corporate/3.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ea7215256650d751ae2ce0d20812fa96 corporate/3.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 57fcf8c6e9f251d3eb4f0096ca55cea3 corporate/3.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.C30mdk.x86_64.rpm\n d7f6310911b7e049876f7b70c16b8ccc corporate/3.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8c0b97b440922510631400b5aea900ac corporate/3.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 8045c85ca598518aff6c7ead8f3fbf61 corporate/3.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 996d7bb252cf32b3ddce18a90b4bb8d9 corporate/3.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 5a3b346110144f79e05c20d13ac90663 corporate/3.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c56729c0896b11a9e49875fe2b493872 corporate/3.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n da6306fcba9fba87d98f68208e752bf8 corporate/3.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e94eca882ce53af3086bac6cf70076ea corporate/3.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 810bc3ca66d52d5537ece20a12679fec corporate/3.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c97bcde75d8118bb3d6c38428b811cc9 corporate/3.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 629ec7999ae3fd23e36e2c6722847bbe corporate/3.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.C30mdk.x86_64.rpm\n ad435041d1138f8a38a0a0739cff18d8 corporate/3.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.C30mdk.x86_64.rpm\n f76501363a31bcd388f5edcc80881196 corporate/3.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n e400f4b7e77307c8c5ab1bc26691168a corporate/3.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 126f45e769e463182b4ade57183684c1 corporate/3.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.C30mdk.x86_64.rpm\n 160b09d1c10d0b781d8c1a17779432ed corporate/3.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c5c363d0552c8365bf5dc6a0936d28b2 corporate/3.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.C30mdk.x86_64.rpm\n c4baf08469f1dbea8924429a7ec7b86e corporate/3.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.C30mdk.x86_64.rpm\n b9ce84c78e92b6f5e75954ada2706722 corporate/3.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.C30mdk.x86_64.rpm \n da8e3fd260eb19659ba6673583ad84d2 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.C30mdk.src.rpm\n 016a9658232f45d63f5c21987dc59a31 corporate/3.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.C30mdk.src.rpm\n\n Corporate 4.0:\n 64a0356cc8f1b1ffcdfdef3d8d146cc5 corporate/4.0/i586/libnspr4-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3f0b705031d1e95280e8194338b2d381 corporate/4.0/i586/libnspr4-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1bba2e76f21b670f44ba65f8c92b67e1 corporate/4.0/i586/libnspr4-static-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n cb10e515e0fad365a81273a9b620cbc7 corporate/4.0/i586/libnss3-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3534b6f0e0b64686aee7b0758ec33daf corporate/4.0/i586/libnss3-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c3aa90658d2adeb4e6543426c493a0fe corporate/4.0/i586/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 122e2ce3928dd2898118533f45f851e1 corporate/4.0/i586/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 3ade855a9fc71980eec72c8dbc107ae3 corporate/4.0/i586/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c189b7b4b54f4bdf040635750df007f8 corporate/4.0/i586/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 360d587d53e2a9c47dfff8a9137f1b4c corporate/4.0/i586/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.i586.rpm\n c2fa5da5d44a5f70bb49d5b4ba7e86e6 corporate/4.0/i586/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 5df7bf2ff4059259ed0b5ea9f3587cc3 corporate/4.0/i586/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 278a321f6ee5928135585f03a05ae642 corporate/4.0/i586/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.i586.rpm\n cd37b5dfe36b72fb482be5abc4bbbba7 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 9b49e02711849a4babedfa63c6aadefb corporate/4.0/i586/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.i586.rpm\n d8293192b06e5a91df8314ecba17880e corporate/4.0/i586/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 5839e97fa06cca289121be5f33e9286d corporate/4.0/i586/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 34d184e85b53c369a713c08f66e601dc corporate/4.0/i586/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ab7b43c629095beee26dbb1381fbff9d corporate/4.0/i586/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 79cfc37305b6a3977d7c7333c7e883de corporate/4.0/i586/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 7e8f28d446d6e574d8a1521059c03144 corporate/4.0/i586/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0d2dd482cc76fb0df96c0bc5f4fa5844 corporate/4.0/i586/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 58959b3a1d43cc2a666361804daa88f1 corporate/4.0/i586/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ded59cf4be8835dc0ada86add049ed86 corporate/4.0/i586/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8afd66b33e600714238e360a127df36e corporate/4.0/i586/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.i586.rpm\n ef6a89b44e3b120f1bae29217728f196 corporate/4.0/i586/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1532d01d8123e87ee1103292ed95f68d corporate/4.0/i586/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8c0667ab59c15a9b66097f5e86df7220 corporate/4.0/i586/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.i586.rpm\n bcec75d2b059d123d6c21dae29baee00 corporate/4.0/i586/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n f5afdfd15e40f4ec6323a8cac098cb78 corporate/4.0/i586/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 1544a7236d6a10521f89234feaff9435 corporate/4.0/i586/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 53834f537b0eacd3bb59a2ccc6a40ea6 corporate/4.0/i586/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 70171f6ba3c24b51ec29be154e129bce corporate/4.0/i586/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 4e64eee4ed44068cb9db5c77730c71b8 corporate/4.0/i586/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.i586.rpm\n d990c04de7c285225c51067ff92d8a58 corporate/4.0/i586/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 04ee85bd5b28b12466bcd8189d4ae480 corporate/4.0/i586/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 222528603f2d88e4e46178620328ac7e corporate/4.0/i586/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.i586.rpm\n caacac0ace4c80fbf0d917ea95070114 corporate/4.0/i586/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n e4aabb47eacf2bcbb517e6890935d4e9 corporate/4.0/i586/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.i586.rpm\n e55300aa65e586aba56e5b75c3d0f0d7 corporate/4.0/i586/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 8d857f4d255e86e4b1db933ab75a88b5 corporate/4.0/i586/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0d4998a9483e67ad0a484d8535950401 corporate/4.0/i586/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 0677248472dd1f219ac4c633b3ae8427 corporate/4.0/i586/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.i586.rpm\n 025ee723e8a157de742313163d8199e6 corporate/4.0/i586/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.i586.rpm \n 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm\n d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n e9362e7e9d164dcf20ac2dd178057783 corporate/4.0/x86_64/lib64nspr4-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 27152d5c4d45cfe65038b90014f4b128 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a520a8169e6f7fa9636c7434820263cc corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 73fa1146e61ddf2baea07f4e51b247a2 corporate/4.0/x86_64/lib64nss3-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 77c656121a9efaefb5bf8bea7416a190 corporate/4.0/x86_64/lib64nss3-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 1353fe3c1c7740891cca051691f2a844 corporate/4.0/x86_64/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 6e547a34386d9220269f6971df84459b corporate/4.0/x86_64/mozilla-firefox-ar-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 37bd5e53ce8bd1196991a1d48c7d3fc2 corporate/4.0/x86_64/mozilla-firefox-bg-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n d8efb7b371fa3bc9d7dbda4d82bcea69 corporate/4.0/x86_64/mozilla-firefox-br-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a4eb36d0ed16b308bf8146758468f720 corporate/4.0/x86_64/mozilla-firefox-ca-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 1f3f6299c228a51c39dd9036d501baf3 corporate/4.0/x86_64/mozilla-firefox-cs-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b7ed3aee73652f317d41612746b7f79e corporate/4.0/x86_64/mozilla-firefox-da-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n aa5e7732031b216f6cc4552b7e5bfe22 corporate/4.0/x86_64/mozilla-firefox-de-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b99863ae0bc816222fec7afd596b4b38 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 22b5ef994c3f38b7b5a63808f0ef9c47 corporate/4.0/x86_64/mozilla-firefox-el-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n a5033ebf881cab82e063df8ffe29e22b corporate/4.0/x86_64/mozilla-firefox-es-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 387dfb400ed59319e932a19e2dd4fe09 corporate/4.0/x86_64/mozilla-firefox-es_AR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 2a114b7e832d12fad87f2ad76ed89a7d corporate/4.0/x86_64/mozilla-firefox-eu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n eced7a780c5f758eef5a0f71f43ed261 corporate/4.0/x86_64/mozilla-firefox-fi-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 854bc6729675ed8670330f3da1e520b2 corporate/4.0/x86_64/mozilla-firefox-fr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b73ac49803411c5afb96d87cde8a89c9 corporate/4.0/x86_64/mozilla-firefox-fy-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n ca9a93da5b7f4dfc1eca188267891a66 corporate/4.0/x86_64/mozilla-firefox-ga-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 267f8dc1ca9e04115050a311eebd00f1 corporate/4.0/x86_64/mozilla-firefox-he-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 516850fa1de5417fdb96ab50fee1504f corporate/4.0/x86_64/mozilla-firefox-hu-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n ec13f241ff41c46590e31fd8339ffae7 corporate/4.0/x86_64/mozilla-firefox-it-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 00eddff4c17ce23c148cbb2bfd27bc59 corporate/4.0/x86_64/mozilla-firefox-ja-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 896cc9b5af7e66ddbf67ad819083a9aa corporate/4.0/x86_64/mozilla-firefox-ko-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 52a752441fc870f33e792860ec328ecd corporate/4.0/x86_64/mozilla-firefox-lt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b418b4371503ed9502ca7eab01c6d86e corporate/4.0/x86_64/mozilla-firefox-mk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 801a63774bfd94ac7e292b97bc1c88a6 corporate/4.0/x86_64/mozilla-firefox-nb-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 4998a34e227bcd0de4c64a08198cda13 corporate/4.0/x86_64/mozilla-firefox-nl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 0f809660f4c1e45133fc01003acee854 corporate/4.0/x86_64/mozilla-firefox-pa_IN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n da3f053868769c3d1705158b925a3312 corporate/4.0/x86_64/mozilla-firefox-pl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n b53c13931bdcebb9dec07ccb7512cc0d corporate/4.0/x86_64/mozilla-firefox-pt-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 431f220901edaf32f504ee6dfd7d8262 corporate/4.0/x86_64/mozilla-firefox-pt_BR-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 45d21d5351be8762640ae3038458c6b8 corporate/4.0/x86_64/mozilla-firefox-ro-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 3bb59b3ca297d90181276683db70ceb7 corporate/4.0/x86_64/mozilla-firefox-ru-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n cce30e727a3dba740a537ec0040248f2 corporate/4.0/x86_64/mozilla-firefox-sk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 7221b6655d4061eb29ed5150f87b3706 corporate/4.0/x86_64/mozilla-firefox-sl-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n dd7c39076b8bb01d1b4432ba9cb29f12 corporate/4.0/x86_64/mozilla-firefox-sv-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n cacf45d88765c0c26d7256e5f392c2df corporate/4.0/x86_64/mozilla-firefox-tr-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 703558369cbe9e4920eab509134d3a7e corporate/4.0/x86_64/mozilla-firefox-uk-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n 817fd873fb5f997916d61b2cf078d2c3 corporate/4.0/x86_64/mozilla-firefox-zh_CN-1.5.0.7-0.1.20060mlcs4.x86_64.rpm\n fe95060a37a586f98f5c3683131a9ef2 corporate/4.0/x86_64/mozilla-firefox-zh_TW-1.5.0.7-0.1.20060mlcs4.x86_64.rpm \n 137c81b452d542b3d4e1134cb1b3c8a1 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.7-0.1.20060mlcs4.src.rpm\n d007a6b49b301a9215641888714c6f5f corporate/4.0/SRPMS/mozilla-firefox-l10n-1.5.0.7-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. This is an OpenPGP/MIME signed message (RFC 2440 and 3156)\n--------------enig38FF09D81E6F0DF2DC736FD8\nContent-Type: text/plain; charset=ISO-8859-1; format=flowed\nContent-Transfer-Encoding: quoted-printable\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200609-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Mozilla Firefox: Multiple vulnerabilities\n Date: September 28, 2006\n Bugs: #147652\n ID: 200609-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=3D=3D=3D=3D=3D=3D=3D=3D\n\nThe Mozilla Foundation has reported numerous vulnerabilities in Mozilla\nFirefox, including one that may allow execution of arbitrary code. \n\nBackground\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nMozilla Firefox is a redesign of the Mozilla Navigator component. The\ngoal is to produce a cross-platform, stand-alone browser application. \n\nAffected packages\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/mozilla-firefox \u003c 1.5.0.7 \u003e=3D 1.5.0.7=\n\n 2 www-client/mozilla-firefox-bin \u003c 1.5.0.7 \u003e=3D 1.5.0.7=\n\n -------------------------------------------------------------------\n 2 affected packages on all of their supported architectures. \n -------------------------------------------------------------------\n\nDescription\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nA number of vulnerabilities were found and fixed in Mozilla Firefox. \nFor details please consult the references below. \n\nImpact\n=3D=3D=3D=3D=3D=3D\n\nThe most severe vulnerability involves enticing a user to visit a\nmalicious website, crashing the browser and executing arbitrary code\nwith the rights of the user running the application. \n\nWorkaround\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nThere is no known workaround at this time. \n\nResolution\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose=20\n\"\u003e=3Dwww-client/mozilla-firefox-1.5.0.7\"\n\nUsers of the binary package should upgrade as well:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose=20\n\"\u003e=3Dwww-client/mozilla-firefox-bin-1.5.0.7\"\n\nReferences\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\n [ 1 ] CVE-2006-4253\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4253\n [ 2 ] CVE-2006-4340\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4340\n [ 3 ] CVE-2006-4565\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4565\n [ 4 ] CVE-2006-4566\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4566\n [ 5 ] CVE-2006-4567\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4567\n [ 6 ] CVE-2006-4568\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4568\n [ 7 ] CVE-2006-4569\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4569\n [ 8 ] CVE-2006-4571\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2006-4571\n\nAvailability\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200609-19.xml\n\nConcerns?\n=3D=3D=3D=3D=3D=3D=3D=3D=3D\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=3D=3D=3D=3D=3D=3D=3D\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA06-333A\n\n\nApple Releases Security Update to Address Multiple Vulnerabilities\n\n Original release date: November 29, 2006\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Apple Mac OS X version 10.3.x and 10.4.x\n * Apple Mac OS X Server version 10.3.x and 10.4.x\n * Apple Safari web browser\n\n These vulnerabilities affect both Intel-based and PowerPC-based Apple\n systems. \n\n\nOverview\n\n Apple has released Security Update 2006-007 to correct multiple\n vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web\n browser. Vulnerabilities in OpenSSL, gzip, and other products are also\n addressed. Attackers may take\n advantage of the less serious vulnerabilities to bypass security\n restrictions or cause a denial of service. \n\n\nI. Description\n\n Apple Security Update 2006-007 addresses a number of vulnerabilities\n affecting Mac OS X, OS X Server, Safari web browser, and other\n products. Further details are available in the related vulnerability\n notes. \n\n This security update also addresses previously known vulnerabilities\n in PHP, Perl, OpenSSL, and gzip, which are shipped with Mac OS X. Information is also available through the OpenSSL\n vulnerabilities page. Information about the vulnerabilities in gzip is\n available in a series of vulnerability notes. \n\n\nII. Impact\n\n The impacts of these vulnerabilities vary. For specific details, see\n the appropriate vulnerability notes. Potential consequences include\n remote execution of arbitrary code or commands, bypass of security\n restrictions, and denial of service. \n\n\nIII. Solution\n\nInstall updates\n\n Install Apple Security Update 2006-007. \n\n\nIV. References\n\n * Vulnerability Notes for Apple Security Update 2006-007 -\n \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e\n\n * Vulnerability Notes for OpenSSL Security Advisory [28th September\n 2006] -\n\u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e\n\n * Vulnerability Note VU#845620 -\n \u003chttp://www.kb.cert.org/vuls/id/845620\u003e\n\n * Vulnerability Note VU#933712 -\n \u003chttp://www.kb.cert.org/vuls/id/933712\u003e\n\n * Vulnerability Note VU#381508 -\n \u003chttp://www.kb.cert.org/vuls/id/381508\u003e\n\n * Vulnerability Note VU#554780 -\n \u003chttp://www.kb.cert.org/vuls/id/554780\u003e\n\n * Vulnerability Note VU#596848 -\n \u003chttp://www.kb.cert.org/vuls/id/596848\u003e\n\n * Vulnerability Note VU#773548 -\n \u003chttp://www.kb.cert.org/vuls/id/773548\u003e\n\n * About the security content of Security Update 2006-007 -\n \u003chttp://docs.info.apple.com/article.html?artnum=304829\u003e\n\n * Mac OS X: Updating your software -\n \u003chttp://docs.info.apple.com/article.html?artnum=106704\u003e\n\n * Apple Downloads - \u003chttp://www.apple.com/support/downloads/\u003e\n\n * OpenSSL: OpenSSL vulnerabilities -\n \u003chttp://www.openssl.org/news/vulnerabilities.html\u003e\n\n * Securing Your Web Browser -\n \u003chttp://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n _________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA06-333A.html\u003e\n _________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA06-333A Feedback VU#191336\" in the\n subject. \n _________________________________________________________________\n\n Produced 2006 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n\n _________________________________________________________________\n\n Revision History\n\n November 29, 2006: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBRW33NuxOF3G+ig+rAQJtiggApJKRh7x+z8vp0xb26sE16RUOD3epcrk6\nlJZ4rXnqVqoFacAt0Ucb8T43/Uc4N85UMa695YbFspYZum3hcGZo+WnNPolGUeRz\niN/4bfKgzekfpbHxf6T3YvQYp+PVMRfHPUcxfaZDYXhu2813N4SSQpM59KRL5BD7\nxr+5VvB09biVKlzpEdgtk2EHcqc+sMF5+o3cCgDJCnJNL+NG4J6d/hsyNP15ekTf\n8m0W4rJonUe2gR2Bp7F1Y47KgRr3BT1aH2gxUSim9qEJpPdP/CkmGoFp+BfrFP9q\nA580LOrqFK8HIly1fbPKb26p2theUUESnQqM9Ob8xolkCDLy6h7ssg==\n=f7N+\n-----END PGP SIGNATURE-----\n. \nOther vulnerabilities include program crashes and the acceptance of\nforged certificates. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
},
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
}
],
"trust": 4.86
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4340",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "21906",
"trust": 2.4
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 2.0
},
{
"db": "BID",
"id": "22083",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22074",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22247",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21950",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22422",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21949",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21915",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22226",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22088",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21939",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22055",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22274",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22025",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21903",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22342",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22036",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22001",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21940",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22210",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "22299",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "21916",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1016860",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1016859",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1016858",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3899",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3622",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-3617",
"trust": 1.6
},
{
"db": "USCERT",
"id": "TA06-312A",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#773548",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22195",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22044",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23883",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22849",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22992",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22056",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0293",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1198",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0083",
"trust": 1.0
},
{
"db": "AUSCERT",
"id": "ESB-2007.0014",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "BID",
"id": "20042",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557",
"trust": 0.8
},
{
"db": "GENTOO",
"id": "GLSA-200610-06",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200609-19",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200610-01",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-350-1",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-354-1",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-351-1",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-352-1",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-361-1",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1192",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1191",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0676",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0675",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0677",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2006:055",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2006:054",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "102648",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[IETF-OPENPGP] 20060827 BLEICHENBACHER\u0027S RSA SIGNATURE FORGERY BASED ON IMPLEMENTATION ERROR",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "TA06-312A",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:169",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:168",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "BID",
"id": "19849",
"trust": 0.3
},
{
"db": "CERT/CC",
"id": "VU#554780",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#933712",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#596848",
"trust": 0.2
},
{
"db": "CERT/CC",
"id": "VU#381508",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "21996",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "50178",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51021",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50749",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52156",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50269",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50537",
"trust": 0.1
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52708",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50630",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"id": "VAR-200110-0171",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.32525984999999996
},
"last_update_date": "2022-06-29T20:08:15.508000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00774579"
},
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02156.html"
},
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02153.html"
},
{
"title": "seamonkey (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=984"
},
{
"title": "mfsa2006-60",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"title": "mfsa2006-60",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2006/mfsa2006-60.html"
},
{
"title": "RHSA-2006:0675",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"title": "RHSA-2006:0676",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"title": "RHSA-2006:0677",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"title": "102781",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"title": "RHSA-2006:0675",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0675j.html"
},
{
"title": "RHSA-2006:0676",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0676j.html"
},
{
"title": "RHSA-2006:0677",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0677j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 2.4,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 2.0,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 1.9,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200609-19.xml"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-200610-01.xml"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-312a.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0677.html"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0676.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21949"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21906"
},
{
"trust": 1.6,
"url": "http://www.us.debian.org/security/2006/dsa-1191"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-361-1"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-354-1"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-352-1"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-351-1"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-350-1"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0675.html"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2006_55_ssl.html"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2006_54_mozilla.html"
},
{
"trust": 1.6,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2006/dsa-1192"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1016860"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1016859"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1016858"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22422"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22342"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22299"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22274"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22247"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22226"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22210"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22088"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22074"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22055"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22036"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22025"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22001"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21950"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21940"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21939"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21916"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21915"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/21903"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2006/3617"
},
{
"trust": 1.3,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4340"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-p.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22446"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1210"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22849"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22056"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22195"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22992"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-640"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23883"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22044"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24711"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:168"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:169"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3617"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0293"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1198"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3899"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3622"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30098"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11007"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/446140/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://www.gzip.org/"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/7179"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4340"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21906/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20042"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3899"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3622"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:169"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:168"
},
{
"trust": 0.4,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.4,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.4,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/glsa/glsa-200610-06.xml"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4568"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4566"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4565"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4340"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4571"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2788"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4566"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4253"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4565"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4571"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4567"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508"
},
{
"trust": 0.1,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4220/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548"
},
{
"trust": 0.1,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/21996/"
},
{
"trust": 0.1,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4570"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge7.3.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.3.1_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.3.1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.3.1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge7.3.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.3.1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.3.1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge7.3.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-64.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-61.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4569"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-62.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-58.html"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-57.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4568"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-59.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4567"
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4566"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4253"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4569"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4565"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4571"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=3dcve-2006-4568"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/845620\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/773548\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/933712\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/596848\u003e"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/news/vulnerabilities.html\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/reading_room/securing_browser/#safari\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=apple-2006-007\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/381508\u003e"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=openssl_secadv_20060928\u003e"
},
{
"trust": 0.1,
"url": "http://docs.info.apple.com/article.html?artnum=106704\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/554780\u003e"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4570"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#773548"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"db": "PACKETSTORM",
"id": "50178"
},
{
"db": "PACKETSTORM",
"id": "51021"
},
{
"db": "PACKETSTORM",
"id": "50749"
},
{
"db": "PACKETSTORM",
"id": "52156"
},
{
"db": "PACKETSTORM",
"id": "51167"
},
{
"db": "PACKETSTORM",
"id": "50269"
},
{
"db": "PACKETSTORM",
"id": "50537"
},
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "PACKETSTORM",
"id": "50630"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-19T00:00:00",
"db": "CERT/CC",
"id": "VU#773548"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50178"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51021"
},
{
"date": "2006-10-09T04:16:16",
"db": "PACKETSTORM",
"id": "50749"
},
{
"date": "2006-11-16T15:41:20",
"db": "PACKETSTORM",
"id": "52156"
},
{
"date": "2006-10-20T22:34:17",
"db": "PACKETSTORM",
"id": "51167"
},
{
"date": "2006-09-26T19:59:02",
"db": "PACKETSTORM",
"id": "50269"
},
{
"date": "2006-10-04T00:43:37",
"db": "PACKETSTORM",
"id": "50537"
},
{
"date": "2006-12-06T02:47:36",
"db": "PACKETSTORM",
"id": "52708"
},
{
"date": "2006-10-04T22:41:23",
"db": "PACKETSTORM",
"id": "50630"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"date": "2006-09-15T18:07:00",
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#773548"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000557"
},
{
"date": "2006-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-270"
},
{
"date": "2018-10-17T21:36:00",
"db": "NVD",
"id": "CVE-2006-4340"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "52708"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "gzip contains a .bss buffer overflow in its LZH handling",
"sources": [
{
"db": "CERT/CC",
"id": "VU#773548"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-270"
}
],
"trust": 0.6
}
}
var-200110-0240
Vulnerability from variot
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
-
Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm
Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm
Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm
Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----
. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0240",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "5.04"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar410v2"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar450s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar550s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar570s"
},
{
"model": "centrecom",
"scope": "eq",
"trust": 0.8,
"vendor": "allied telesis",
"version": "ar740"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "11.5.10cu2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "9.2.0.8"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "fitelnet-f series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "mucho series",
"scope": null,
"trust": 0.8,
"vendor": "furukawa electric",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "5.0"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.10"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "cwrsync",
"version": "2.0.9"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "x8610.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "solaris data encryption kit",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "10.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90001.3(3.33)"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "7.50.3.45"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "ciscosecure acs appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1111"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "mds 9216i",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90002.0(0.86)"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "css11500 content services switch",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "8.10.2.65"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "ciscosecure acs for windows and unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.48"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.47"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.22"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i standard edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i personal edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.7.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.6.0"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0.5"
},
{
"model": "oracle9i enterprise edition fips",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.5"
},
{
"model": "oracle9i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1.4"
},
{
"model": "oracle8i standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4"
},
{
"model": "oracle8i enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7.4.0"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.2"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.5"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g personal edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.2"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.4"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3.1"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.3"
},
{
"model": "oracle10g enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.4.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3.0.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.2.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.1.0"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.1"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "oracle10g application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "identity management 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4.0.1"
},
{
"model": "9i application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0.2.2"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.2.1"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.5"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.4"
},
{
"model": "enterprise manager grid control 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.3"
},
{
"model": "e-business suite 11i cu2",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.9"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.8"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.7"
},
{
"model": "e-business suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.0"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.1.2.0.2"
},
{
"model": "developer suite",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "developer suite 6i",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.2"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.1"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "210.1.2.0.0"
},
{
"model": "application server release",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "29.0.2.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.3"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.2"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4.1"
},
{
"model": "application server 10g",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.4"
},
{
"model": "oracle for openview for linux ltu",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1.1"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.1.7"
},
{
"model": "oracle for openview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:allied_telesis_k.k.:centrecom",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:e-business_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:fitelnet-f",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:furukawa_electric:mucho",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4343",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-4343",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-4343",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#221788",
"trust": 0.8,
"value": "4.20"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-4343",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4343"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "53566"
}
],
"trust": 5.85
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-4343",
"trust": 3.9
},
{
"db": "BID",
"id": "22083",
"trust": 3.7
},
{
"db": "BID",
"id": "20246",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "CERT/CC",
"id": "VU#221788",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "22791",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25420",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4443",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1973",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29263",
"trust": 1.0
},
{
"db": "EXPLOIT-DB",
"id": "4773",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"id": "VAR-200110-0240",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-27T22:10:20.234000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "openssl (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1003"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102711",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "Oracle Critical Patch Update - January 2007",
"trust": 0.8,
"url": "http://otn.oracle.co.jp/security/070119_77/top.html"
},
{
"title": "X.509\u8a3c\u660e\u66f8\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://www.allied-telesis.co.jp/support/list/faq/vuls/20071108.html"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
},
{
"title": "729618/NISCC/PARASITIC-KEYS",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/niscc729618.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.7,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/386964"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.4,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
},
{
"trust": 1.1,
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29263"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25420"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22791"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201531-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "https://www.exploit-db.com/exploits/4773"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29240"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4443"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4356"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-729618/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4343"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.itefix.no/phpws/index.php?module=announce\u0026ann_user_op=view\u0026ann_id=80"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
},
{
"trust": 0.3,
"url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
},
{
"trust": 0.3,
"url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
},
{
"trust": 0.3,
"url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/index.html"
},
{
"trust": 0.3,
"url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/221788"
},
{
"trust": 0.3,
"url": "/archive/1/457193"
},
{
"trust": 0.3,
"url": "/archive/1/464470"
},
{
"trust": 0.3,
"url": "/archive/1/458657"
},
{
"trust": 0.3,
"url": "/archive/1/458036"
},
{
"trust": 0.3,
"url": "/archive/1/458006"
},
{
"trust": 0.3,
"url": "/archive/1/458037"
},
{
"trust": 0.3,
"url": "/archive/1/458005"
},
{
"trust": 0.3,
"url": "/archive/1/458041"
},
{
"trust": 0.3,
"url": "/archive/1/458038"
},
{
"trust": 0.3,
"url": "/archive/1/458475"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://secunia.com/"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#221788"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20246"
},
{
"db": "BID",
"id": "22083"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20246"
},
{
"date": "2007-01-16T00:00:00",
"db": "BID",
"id": "22083"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-01-17T00:00:00",
"db": "CERT/CC",
"id": "VU#221788"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T09:25:00",
"db": "BID",
"id": "20246"
},
{
"date": "2008-05-20T23:05:00",
"db": "BID",
"id": "22083"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000595"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-534"
},
{
"date": "2024-11-21T00:15:43.487000",
"db": "NVD",
"id": "CVE-2006-4343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-534"
}
],
"trust": 0.6
}
}
var-200609-0998
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b. OpenSSL library vulnerabilities:
ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
(CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
allows remote attackers to cause a denial of service (infinite
loop and memory consumption) via malformed ASN.1 structures that
trigger an improperly handled error condition.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
(CVE-2006-4343) The get_server_hello function in the SSLv2 client
code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and
earlier versions allows remote servers to cause a denial of service
(client crash) via unknown vectors that trigger a null pointer
dereference.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
(CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
SSH protocol, allows remote attackers to cause a denial of service
(CPU consumption) via an SSH packet that contains duplicate blocks,
which is not properly handled by the CRC compensation attack
detector.
NOTE: ESX by default disables version 1 SSH protocol.
(CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
allows remote attackers to cause a denial of service (crash), and
possibly execute arbitrary code if GSSAPI authentication is enabled,
via unspecified vectors that lead to a double-free.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings. Python applications
using this function can open a security vulnerability that could
allow the execution of arbitrary code.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ASN.1 Denial of Service Attack (1/2)
During the parsing of certain invalid ASN.1 structures an error
condition is mishandled. This can result in an infinite loop which
consumes system memory. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. This could be used by an attacker in a denial of
service attack. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0998",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.1c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.2b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6l"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6m"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2006.0"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "igateway vpn/ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "intoto",
"version": "0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ons",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2007.0"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor credits Dr S. N. Henson of Open Network Security with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "20247"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2940",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. OpenSSL library vulnerabilities:\n\n ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n allows remote attackers to cause a denial of service (infinite\n loop and memory consumption) via malformed ASN.1 structures that\n trigger an improperly handled error condition. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n (CVE-2006-4343) The get_server_hello function in the SSLv2 client\n code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n earlier versions allows remote servers to cause a denial of service\n (client crash) via unknown vectors that trigger a null pointer\n dereference. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n SSH protocol, allows remote attackers to cause a denial of service\n (CPU consumption) via an SSH packet that contains duplicate blocks,\n which is not properly handled by the CRC compensation attack\n detector. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n allows remote attackers to cause a denial of service (crash), and\n possibly execute arbitrary code if GSSAPI authentication is enabled,\n via unspecified vectors that lead to a double-free. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. Python applications\n using this function can open a security vulnerability that could\n allow the execution of arbitrary code. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ASN.1 Denial of Service Attack (1/2)\n\n During the parsing of certain invalid ASN.1 structures an error\n condition is mishandled. This can result in an infinite loop which\n consumes system memory. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "22083",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2006-2940",
"trust": 1.6
},
{
"db": "BID",
"id": "20247",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26893",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22500",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23794",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017522",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29261",
"trust": 1.0
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"id": "VAR-200609-0998",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-07T20:56:32.071000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.9,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22500"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23794"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26893"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017522"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1195"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29261"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/20247"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-2"
},
{
"trust": 1.0,
"url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
},
{
"trust": 1.0,
"url": "https://issues.rpath.com/browse/rpl-1633"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openssl.org/"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20247"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20247"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-05-09T19:53:00",
"db": "BID",
"id": "20247"
},
{
"date": "2018-10-18T16:44:22.137000",
"db": "NVD",
"id": "CVE-2006-2940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20247"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL SSLv2 client code fails to properly check for NULL",
"sources": [
{
"db": "CERT/CC",
"id": "VU#386964"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20247"
}
],
"trust": 0.3
}
}
var-200110-0326
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it.
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
VMware Security Advisory
Advisory ID: VMSA-2007-0001 Synopsis: VMware ESX server security updates Issue date: 2007-01-08 Updated on: 2007-01-08 CVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-4980
- Summary:
Updated ESX Patches address several security issues.
- Relevant releases:
VMware ESX 3.0.1 without patch ESX-9986131 VMware ESX 3.0.0 without patch ESX-3069097
VMware ESX 2.5.4 prior to upgrade patch 3 VMware ESX 2.5.3 prior to upgrade patch 6 VMware ESX 2.1.3 prior to upgrade patch 4 VMware ESX 2.0.2 prior to upgrade patch 4
- Problem description:
Problems addressed by these patches:
a. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files. The Common Vulnerabilities and Exposures project
(cve.mitre.org) assigned the name CVE-2006-3589 to this issue.
b.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,
CVE-2006-4339, and CVE-2006-4343 to these issues.
c. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,
CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues.
d. Object reuse problems with newly created virtual disk (.vmdk or .dsk) files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w.
e. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-4980 to this issue.
- Solution:
Please review the Patch notes for your version of ESX and verify the md5sum.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Contact:
http://www.vmware.com/security
VMware Security Response Policy http://www.vmware.com/vmtn/technology/security/security_response.html
E-mail: security@vmware.com
Copyright 2007 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE neFG0RikD74TCYeXKW6CBy4= =9/6k -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)
BACKGROUND
RESOLUTION
HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.
The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)
HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd
HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126
HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7
HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45
HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e
HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652
Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.
PRODUCT SPECIFIC INFORMATION
The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d
Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d
Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.
The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. This can result in an infinite loop which consumes system memory. ASN.1 Denial of Service Attack (2/2)
Certain types of public key can take disproportionate amounts of
time to process. This could be used by an attacker in a denial of
service attack. SSL_get_shared_ciphers() Buffer Overflow
A buffer overflow was discovered in the SSL_get_shared_ciphers()
utility function. An attacker could send a list of ciphers to an
application that uses this function and overrun a buffer. SSLv2 Client Crash
A flaw in the SSLv2 client code was discovered.
References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00849540 Version: 1
HPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-01-17 Last Updated: 2007-01-23
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access.
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01
BACKGROUND
AFFECTED VERSIONS
For IPv4: HP-UX B.11.00 HP-UX B.11.11 =========== hpuxwsAPACHE action: install revision A.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
For IPv6: HP-UX B.11.11 =========== hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.23
hpuxwsAPACHE action: install revision B.2.0.58.01 or subsequent restart Apache URL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
END AFFECTED VERSIONS
RESOLUTION
HP has made the following software updates available to resolve the issue. Software updates for the Apache-based Web Server are available from: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE
HP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent.
Apache Update Procedure
Check for Apache Installation
To determine if the Apache web server from HP is installed on your system, use Software Distributor's swlist command. All three revisions of the product may co-exist on a single system. For example, the results of the command swlist -l product | grep -I apache hpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server
Stop Apache
Before updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. After determining which Apache is installed, stop Apache with the following commands: for hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop
Download and Install Apache
Download Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE Verify successful download by comparing the cksum with the value specified on the installation web page. Use SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported.
Removing Apache Installation
The potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor's "swremove" command and also "rm -rf" the home location as specified in the rc.config.d file "HOME" variables. %ls /etc/rc.config.d | \ grep apache hpapache2conf hpws_apache[32]conf
MANUAL ACTIONS: Yes - Update plus other actions Install the revision of the product.
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY: rev.1 - 23 January 2007 Initial Release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0326",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. Henson of the OpenSSL core team and Open Network Security is credited with the discovery of this vulnerability. He created the test suite that uncovered this issue.",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2007-0001\nSynopsis: VMware ESX server security updates\nIssue date: 2007-01-08\nUpdated on: 2007-01-08\nCVE: CVE-2006-3589 CVE-2006-2937 CVE-2006-2940\n CVE-2006-3738 CVE-2006-4339 CVE-2006-4343\n CVE-2006-4980\n- -------------------------------------------------------------------\n\n1. Summary:\n\nUpdated ESX Patches address several security issues. \n\n2. Relevant releases:\n\nVMware ESX 3.0.1 without patch ESX-9986131\nVMware ESX 3.0.0 without patch ESX-3069097\n\nVMware ESX 2.5.4 prior to upgrade patch 3\nVMware ESX 2.5.3 prior to upgrade patch 6\nVMware ESX 2.1.3 prior to upgrade patch 4\nVMware ESX 2.0.2 prior to upgrade patch 4\n\n3. Problem description:\n\nProblems addressed by these patches:\n\na. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. The Common Vulnerabilities and Exposures project\n (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. \n\nb. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2006-2937, CVE-2006-2940, CVE-2006-3738,\n CVE-2006-4339, and CVE-2006-4343 to these issues. \n\nc. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the names CVE-2004-2069, CVE-2006-0225, CVE-2003-0386,\n CVE-2006-4924, CVE-2006-5051, and CVE-2006-5794 to these issues. \n\nd. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. \n\ne. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n assigned the name CVE-2006-4980 to this issue. \n\n4. Solution:\n\nPlease review the Patch notes for your version of ESX and verify the md5sum. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. Contact:\n\nhttp://www.vmware.com/security\n\nVMware Security Response Policy\nhttp://www.vmware.com/vmtn/technology/security/security_response.html\n\nE-mail: security@vmware.com\n\nCopyright 2007 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n\niD8DBQFFovs16KjQhy2pPmkRCMfyAKCXhdGwZyXW5VzSwcOmu2NNXKN/OwCgo+CE\nneFG0RikD74TCYeXKW6CBy4=\n=9/6k\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. This can result in an infinite loop which\n consumes system memory. ASN.1 Denial of Service Attack (2/2)\n\n Certain types of public key can take disproportionate amounts of\n time to process. This could be used by an attacker in a denial of\n service attack. SSL_get_shared_ciphers() Buffer Overflow\n\n A buffer overflow was discovered in the SSL_get_shared_ciphers()\n utility function. An attacker could send a list of ciphers to an\n application that uses this function and overrun a buffer. SSLv2 Client Crash\n \n A flaw in the SSLv2 client code was discovered. \n________________________________________________________________________\n\nReferences:\n [0] http://www.openssl.org/news/secadv_20060928.txt \n [1] http://www.openssl.org/\n [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00849540\nVersion: 1\n\nHPSBUX02186 SSRT071299 rev.1 - HP-UX running Apache Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-01-17\nLast Updated: 2007-01-23\n\nPotential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS), and unauthorized access. \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2006-2940, CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-4339, CVE-2005-2969. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running Apache-based Web Server prior to v.2.0.58.01\n\nBACKGROUND\n\nAFFECTED VERSIONS\n\nFor IPv4:\nHP-UX B.11.00\nHP-UX B.11.11\n===========\nhpuxwsAPACHE\naction: install revision A.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nFor IPv6:\nHP-UX B.11.11\n===========\nhpuxwsAPACHE,revision=B.1.0.00.01\nhpuxwsAPACHE,revision=B.1.0.07.01\nhpuxwsAPACHE,revision=B.1.0.08.01\nhpuxwsAPACHE,revision=B.1.0.09.01\nhpuxwsAPACHE,revision=B.1.0.10.01\nhpuxwsAPACHE,revision=B.2.0.48.00\nhpuxwsAPACHE,revision=B.2.0.49.00\nhpuxwsAPACHE,revision=B.2.0.50.00\nhpuxwsAPACHE,revision=B.2.0.51.00\nhpuxwsAPACHE,revision=B.2.0.52.00\nhpuxwsAPACHE,revision=B.2.0.53.00\nhpuxwsAPACHE,revision=B.2.0.54.00\nhpuxwsAPACHE,revision=B.2.0.55.00\nhpuxwsAPACHE,revision=B.2.0.56.00\nhpuxwsAPACHE,revision=B.2.0.58.00\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.23\n===========\nhpuxwsAPACHE\naction: install revision B.2.0.58.01 or subsequent\nrestart Apache\nURL:http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\n\nHP has made the following software updates available to resolve the issue. \nSoftware updates for the Apache-based Web Server are available from:\nhttp://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\n\nHP-UX B.11.00, B.11.11 and HP-UX B.11.23 require the Apache-based Web Server v.2.0.58.01 or subsequent. \n\nApache Update Procedure\n\nCheck for Apache Installation\n -----------------------------\nTo determine if the Apache web server from HP is installed on your system, use Software Distributor\u0027s swlist command. All three revisions of the product may co-exist on a single system. \nFor example, the results of the command swlist -l product | grep -I apache\nhpuxwsAPACHE B.2.0.55.00 HP-UX Apache-based Web Server\n\nStop Apache\n -------------\nBefore updating, make sure the previous Apache binary is stopped. If Apache is not stopped, the installation would be successful but the new version would be prevented from starting until a later time. \nAfter determining which Apache is installed, stop Apache with the following commands:\nfor hpuxwsAPACHE: /opt/hpws/apache[32]/bin/apachectl stop\n\nDownload and Install Apache\n --------------------------\nDownload Apache from Software Depot. http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=HPUXWSSUITE\nVerify successful download by comparing the cksum with the value specified on the installation web page. \nUse SD to swinstall the depot. Installation of this new revision of HP Apache over an existing HP Apache installation is supported, while installation over a non-HP Apache is NOT supported. \n\nRemoving Apache Installation\n ---------------------------\nThe potential vulnerability can also be resolved by removing Apache rather than installing a newer revision. To remove Apache use both Software Distributor\u0027s \"swremove\" command and also \"rm -rf\" the home location as specified in the rc.config.d file \"HOME\" variables. \n%ls /etc/rc.config.d | \\ grep apache hpapache2conf hpws_apache[32]conf\n\nMANUAL ACTIONS: Yes - Update plus other actions\nInstall the revision of the product. \n\nPRODUCT SPECIFIC INFORMATION\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \nFor more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA\n\nHISTORY: rev.1 - 23 January 2007 Initial Release\n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. Stephen N. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
}
],
"trust": 5.58
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.0
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56053",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50560",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53990",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0326",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-10-29T22:50:32.469000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.9,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.3,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.3,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
},
{
"trust": 0.1,
"url": "http://h30097.www3.hp.com/cma/patches.html"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
},
{
"trust": 0.1,
"url": "http://pgp.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org"
},
{
"trust": 0.1,
"url": "http://www.openpkg.org/security/"
},
{
"trust": 0.1,
"url": "http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayproductinfo.pl?productnumber=hpuxwssuite"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2969"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "56053"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "50560"
},
{
"db": "PACKETSTORM",
"id": "53990"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2007-04-19T00:58:08",
"db": "PACKETSTORM",
"id": "56053"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2006-10-04T01:20:54",
"db": "PACKETSTORM",
"id": "50560"
},
{
"date": "2007-01-27T02:35:42",
"db": "PACKETSTORM",
"id": "53990"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "20248"
}
],
"trust": 0.3
}
}
var-201406-0445
Vulnerability from variot
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. OpenSSL is vulnerable to a man-in-the-middle attack. Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
HP IceWall SSO Dfw and MCRP
If possible, do not use SHOST setting which allows IceWall SSO Dfw or MCRP to use SSL/TLS for back-end web server connection.
HP IceWall SSO Dfw Certd
If possible, set LDAPSSL to 0 to make HP SSO IceWall Certd to not use SSL/TLS on any connection with LDAP server.
Note: The HP IceWall product is only available in Japan. Please note that version 7.3.3 of HP Insight Control server migration is included on the HP Insight Management 7.3 Update 2 DVD.
HP has provided the installation binaries for download from the following web site by using the Receive for free option:
http://h18013.www1.hp.com/products/servers/management/fpdownload.html
Customers using HP Insight Control server migration v7.2.2 must first upgrade from v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then upgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD.
Customers running HP Insight Control server migration v7.3, v7.3.1, or v7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to complete the upgrade.
For more information on the upgrade process, please refer to the HP Insight Management Installation and Upgrade Guide and Release notes, which are available at the following location:
http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind ex.aspx?cat=insightmanagement
NOTE: The upgrade paths described above update the entire HP Insight Control software stack. To upgrade HP Insight Control server migration only, complete the following steps:
Copy "hpsmp.exe" to the local machine from the HP Insight Management v7.3.0 Update 2 DVD ISO. Create batch file with the following commands: @echo off hpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch Copy the batch file to the folder where "hpsmp.exe" normally resides on the target system. Double click on the batch file. The HP Insight Control server migration installation starts in a command prompt. The command prompt closes when the installation finishes. After the installation completes it creates a log file (ICmigr.log) and an output file (ICmigroutput.xml) on the target system. Do not close or click on the command prompt while the process is completing. Do not run the command prompt in the background.
HISTORY Version:1 (rev.1) - 23 July 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. The updates are available from https://h20392.www2.hp.com/portal/swdepot/displayP roductInfo.do?productNumber=OPENSSL11I
HP-UX Release HP-UX OpenSSL version
B.11.11 (11i v1) A.00.09.08za.001_HP-UX_B.11.11_32+64.depot
B.11.23 (11i v2) A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot
B.11.31 (11i v3) A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot
MANUAL ACTIONS: Yes - Update
Install OpenSSL A.00.09.08za or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant. ============================================================================ Ubuntu Security Notice USN-2232-3 June 23, 2014
openssl regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
USN-2232-1 introduced a regression in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem.
Original advisory details:
J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0195) Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-0221) KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain handshakes. (CVE-2014-0224) Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-3470)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.4
Ubuntu 13.10: libssl1.0.0 1.0.1e-3ubuntu1.6
Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.16
Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.19
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2232-3 http://www.ubuntu.com/usn/usn-2232-1 https://launchpad.net/bugs/1332643
Package Information: https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4 https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6 https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16 https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04347622
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c04347622 Version: 1
HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosure of Information
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2014-06-20 Last Updated: 2014-06-20
Potential Security Impact: Remote Denial of Service (DoS), code execution, unauthorized access, modification of information, disclosure of information
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC), HP Network Products including 3COM and H3C routers and switches running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information.
References:
CVE-2010-5298 Remote Denial of Service (DoS) or Modification of Information CVE-2014-0198 Remote Unauthorized Access (only iMC impacted) CVE-2014-0224 Remote Unauthorized Access or Disclosure of Information SSRT101561 Note: All products listed are impacted by CVE-2014-0224 . iMC is also impacted by CVE-2014-0198 and CVE-2010-5298
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION section below for a list of impacted products.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0 CVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION On June 5th 2014, OpenSSL.org issued an advisory with several CVE vulnerabilities. HP Networking is working to release fixes for these vulnerabilities that impact the products in the table below. As fixed software is made available, this security bulletin will be updated to show the fixed versions. Until the software fixes are available, HP Networking is providing the following information including possible workarounds to mitigate the risks of these vulnerabilities.
Description
The most serious issue reported is CVE-2014-0224 and it is the one discussed here. To take advantage CVE-2014-0224, an attacker must:
be in between the OpenSSL client and OpenSSL server. be capable of intercepting and modifying packets between the OpenSSL client and OpenSSL server in real time.
Workarounds
HP Networking equipment is typically deployed inside firewalls and access to management interfaces and other protocols is more tightly controlled than in public environments. This deployment and security restrictions help to reduce the possibility of an attacker being able to intercept both OpenSSL client and OpenSSL server traffic.
Following the guidelines in the Hardening Comware-based devices can help to further reduce man-in-the-middle opportunities:
http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c03536 920
For an HP Networking device acting as an OpenSSL Server, using a patched OpenSSL client or non-OpenSSL client eliminates the risk. As an example, most modern web browsers do not use the OpenSSL client and the sessions between the HP Networking OpenSSL server and the non-OpenSSL client are not at risk for this attack. For HP Networking Equipment that is using an OpenSSL client, patching the OpenSSL server will eliminate the risk of this attack.
Protocol Notes
The following details the protocols that use OpenSSL in Comware v5 and Comware v7:
Comware V7:
Server:
FIPS/HTTPS/Load Balancing/Session Initiation Protocol
Client:
Load Balancing/OpenFlow/Session Initiation Protocol/State Machine Based Anti-Spoofing/Dynamic DNS
Comware V5:
Server:
CAPWAP/EAP/SSLVPN
Client:
Dynamic DNS
Family Fixed Version HP Branded Products Impacted H3C Branded Products Impacted 3Com Branded Products Impacted
12900 Switch Series Fix in progress use mitigations JG619A HP FF 12910 Switch AC Chassis JG621A HP FF 12910 Main Processing Unit JG632A HP FF 12916 Switch AC Chassis JG634A HP FF 12916 Main Processing Unit
12500 Fix in progress use mitigations JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JC808A HP 12500 TAA Main Processing Unit H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
12500 (Comware v7) Fix in progress use mitigations JC085A HP A12518 Switch Chassis JC086A HP A12508 Switch Chassis JC652A HP 12508 DC Switch Chassis JC653A HP 12518 DC Switch Chassis JC654A HP 12504 AC Switch Chassis JC655A HP 12504 DC Switch Chassis JF430A HP A12518 Switch Chassis JF430B HP 12518 Switch Chassis JF430C HP 12518 AC Switch Chassis JF431A HP A12508 Switch Chassis JF431B HP 12508 Switch Chassis JF431C HP 12508 AC Switch Chassis JC072B HP 12500 Main Processing Unit JG497A HP 12500 MPU w/Comware V7 OS JG782A HP FF 12508E AC Switch Chassis JG783A HP FF 12508E DC Switch Chassis JG784A HP FF 12518E AC Switch Chassis JG785A HP FF 12518E DC Switch Chassis JG802A HP FF 12500E MPU H3C S12508 Routing Switch(AC-1) (0235A0GE) H3C S12518 Routing Switch(AC-1) (0235A0GF) H3C S12508 Chassis (0235A0E6) H3C S12508 Chassis (0235A38N) H3C S12518 Chassis (0235A0E7) H3C S12518 Chassis (0235A38M)
11900 Switch Series Fix in progress use mitigations JG608A HP FF 11908-V Switch Chassis JG609A HP FF 11900 Main Processing Unit
10500 Switch Series (Comware v5) Fix in progress use mitigations JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC614A HP 10500 Main Processing Unit JC748A HP 10512 Switch Chassis JG375A HP 10500 TAA Main Processing Unit JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis
10500 Switch Series (Comware v7) Fix in progress use mitigations JC611A HP 10508-V Switch Chassis JC612A HP 10508 Switch Chassis JC613A HP 10504 Switch Chassis JC748A HP 10512 Switch Chassis JG820A HP 10504 TAA Switch Chassis JG821A HP 10508 TAA Switch Chassis JG822A HP 10508-V TAA Switch Chassis JG823A HP 10512 TAA Switch Chassis JG496A HP 10500 Type A MPU w/Comware v7 OS
9500E Fix in progress use mitigations JC124A HP A9508 Switch Chassis JC124B HP 9505 Switch Chassis JC125A HP A9512 Switch Chassis JC125B HP 9512 Switch Chassis JC474A HP A9508-V Switch Chassis JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9512E Routing-Switch Chassis (0235A0G7) H3C S9508E-V Routing-Switch Chassis (0235A38Q) H3C S9505E Chassis w/ Fans (0235A38P) H3C S9512E Chassis w/ Fans (0235A38R)
Router 8800 Fix in progress use mitigations JC147A HP A8802 Router Chassis JC147B HP 8802 Router Chassis JC148A HP A8805 Router Chassis JC148B HP 8805 Router Chassis JC149A HP A8808 Router Chassis JC149B HP 8808 Router Chassis JC150A HP A8812 Router Chassis JC150B HP 8812 Router Chassis JC141A HP 8802 Main Control Unit Module JC138A HP 8805/08/12 (1E) Main Cntrl Unit Mod JC137A HP 8805/08/12 (2E) Main Cntrl Unit Mod H3C SR8805 10G Core Router Chassis (0235A0G8) H3C SR8808 10G Core Router Chassis (0235A0G9) H3C SR8812 10G Core Router Chassis (0235A0GA) H3C SR8802 10G Core Router Chassis (0235A0GC) H3C SR8802 10G Core Router Chassis (0235A31B) H3C SR8805 10G Core Router Chassis (0235A31C) H3C SR8808 10G Core Router Chassis (0235A31D) H3C SR8812 10G Core Router Chassis (0235A31E)
7500 Switch Series Fix in progress use mitigations JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T JC697A HP A7502 TAA Main Processing Unit JC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE JC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE JC700A HP A7500 384 Gbps TAA Fabric / MPU JC701A HP A7510 768 Gbps TAA Fabric / MPU JD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports JD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports JD194A HP 384 Gbps Fabric A7500 Module JD194B HP 7500 384Gbps Fabric Module JD195A HP 7500 384Gbps Advanced Fabric Module JD196A HP 7502 Fabric Module JD220A HP 7500 768Gbps Fabric Module JD238A HP A7510 Switch Chassis JD238B HP 7510 Switch Chassis JD239A HP A7506 Switch Chassis JD239B HP 7506 Switch Chassis JD240A HP A7503 Switch Chassis JD240B HP 7503 Switch Chassis JD241A HP A7506 Vertical Switch Chassis JD241B HP 7506-V Switch Chassis JD242A HP A7502 Switch Chassis JD242B HP 7502 Switch Chassis JD243A HP A7503 Switch Chassis w/1 Fabric Slot JD243B HP 7503-S Switch Chassis w/1 Fabric Slot H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4) H3C S7503E Ethernet Switch Chassis with Fan (0235A0G2) H3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5) H3C S7506E Ethernet Switch Chassis with Fan (0235A0G1) H3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3) H3C S7510E Ethernet Switch Chassis with Fan (0235A0G0) H3C S7502E Chassis w/ fans (0235A29A) H3C S7503E Chassis w/ fans (0235A27R) H3C S7503E-S Chassis w/ fans (0235A33R) H3C S7506E Chassis w/ fans (0235A27Q) H3C S7506E-V Chassis w/ fans (0235A27S)
HSR6800 Fix in progress use mitigations JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6800 Russian Version Fix in progress use mitigations JG361A HP HSR6802 Router Chassis JG362A HP HSR6804 Router Chassis JG363A HP HSR6808 Router Chassis JG364A HP HSR6800 RSE-X2 Router MPU JG779A HP HSR6800 RSE-X2 Router TAA MPU
HSR6602 Fix in progress use mitigations JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
HSR6602 Russian Version Fix in progress use mitigations JG353A HP HSR6602-G Router JG354A HP HSR6602-XG Router JG776A HP HSR6602-G TAA Router JG777A HP HSR6602-XG TAA Router
A6600 Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
A6600 Russian Version Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JC566A HP A6600 RSE-X1 Main Processing Unit JG780A HP 6600 RSE-X1 Router TAA MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
6600 MCP Russian Version Fix in progress use mitigations JC177A HP 6608 Router JC177B HP A6608 Router Chassis JC178A HP 6604 Router Chassis JC178B HP A6604 Router Chassis JC496A HP 6616 Router Chassis JG778A HP 6600 MCP-X2 Router TAA MPU JG355A HP 6600 MCP-X1 Router MPU JG356A HP 6600 MCP-X2 Router MPU H3C RT-SR6608-OVS-H3 (0235A32X) H3C RT-SR6604-OVS-H3 (0235A37X) H3C SR6616 Router Chassis (0235A41D)
5920 Switch Series Fix in progress use mitigations JG296A HP 5920AF-24XG Switch JG555A HP 5920AF-24XG TAA Switch
5900 Switch Series Fix in progress use mitigations JC772A HP 5900AF-48XG-4QSFP+ Switch JG336A HP 5900AF-48XGT-4QSFP+ Switch JG510A HP 5900AF-48G-4XG-2QSFP+ Switch JG554A HP 5900AF-48XG-4QSFP+ TAA Switch JG838A HP FF 5900CP-48XG-4QSFP+ Switch
5900 Virtual Switch Fix in progress use mitigations JG814AAE HP Virtual Switch 5900v VMware E-LTU JG815AAE HP VSO SW for 5900v VMware E-LTU
5830 Switch Series Fix in progress use mitigations JC691A HP A5830AF-48G Switch w/1 Interface Slot JC694A HP A5830AF-96G Switch JG316A HP 5830AF-48G TAA Switch w/1 Intf Slot JG374A HP 5830AF-96G TAA Switch
5820 Switch Series Fix in progress use mitigations JC102A HP 5820-24XG-SFP+ Switch JC106A HP 5820-14XG-SFP+ Switch with 2 Slots JG219A HP 5820AF-24XG Switch JG243A HP 5820-24XG-SFP+ TAA-compliant Switch JG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media modules Plus OSM (0235A37L) H3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T (RJ45) (0235A370)
5800 Switch Series Fix in progress use mitigations JC099A HP 5800-24G-PoE Switch JC100A HP 5800-24G Switch JC101A HP 5800-48G Switch with 2 Slots JC103A HP 5800-24G-SFP Switch JC104A HP 5800-48G-PoE Switch JC105A HP 5800-48G Switch JG225A HP 5800AF-48G Switch JG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots JG254A HP 5800-24G-PoE+ TAA-compliant Switch JG255A HP 5800-24G TAA-compliant Switch JG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt JG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot JG258A HP 5800-48G TAA Switch w 1 Intf Slot H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot (0235A36U) H3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X (SFP Plus ) Plus 1 media module PoE (0235A36S) H3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus media module (no power) (0235A374) H3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus ) Plus media module (0235A379) H3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module (0235A378) H3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM (0235A36W)
5500 HI Switch Series Fix in progress use mitigations JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch JG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch JG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt JG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt JG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt JG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt JG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt JG681A HP 5500-24G-SFP HI TAA Swch w/2Slt
5500 EI Switch Series Fix in progress use mitigations JD373A HP 5500-24G DC EI Switch JD374A HP 5500-24G-SFP EI Switch JD375A HP 5500-48G EI Switch JD376A HP 5500-48G-PoE EI Switch JD377A HP 5500-24G EI Switch JD378A HP 5500-24G-PoE EI Switch JD379A HP 5500-24G-SFP DC EI Switch JG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts JG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts JG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts JG250A HP 5500-24G EI TAA Switch w 2 Intf Slts JG251A HP 5500-48G EI TAA Switch w 2 Intf Slts JG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts JG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts H3C S5500-28C-EI Ethernet Switch (0235A253) H3C S5500-28F-EI Eth Switch AC Single (0235A24U) H3C S5500-52C-EI Ethernet Switch (0235A24X) H3C S5500-28C-EI-DC Ethernet Switch (0235A24S) H3C S5500-28C-PWR-EI Ethernet Switch (0235A255) H3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259) H3C S5500-52C-PWR-EI Ethernet Switch (0235A251)
5500 SI Switch Series Fix in progress use mitigations JD369A HP 5500-24G SI Switch JD370A HP 5500-48G SI Switch JD371A HP 5500-24G-PoE SI Switch JD372A HP 5500-48G-PoE SI Switch JG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts JG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts H3C S5500-28C-SI Ethernet Switch (0235A04U) H3C S5500-52C-SI Ethernet Switch (0235A04V) H3C S5500-28C-PWR-SI Ethernet Switch (0235A05H) H3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)
5120 EI Switch Series Fix in progress use mitigations JE066A HP 5120-24G EI Switch JE067A HP 5120-48G EI Switch JE068A HP 5120-24G EI Switch with 2 Slots JE069A HP 5120-48G EI Switch with 2 Slots JE070A HP 5120-24G-PoE EI Switch with 2 Slots JE071A HP 5120-48G-PoE EI Switch with 2 Slots JG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts JG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts JG245A HP 5120-24G EI TAA Switch w 2 Intf Slts JG246A HP 5120-48G EI TAA Switch w 2 Intf Slts JG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts JG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ) H3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS) H3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR) H3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT) H3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU) H3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)
5120 SI switch Series Fix in progress use mitigations JE072A HP 5120-48G SI Switch JE073A HP 5120-16G SI Switch JE074A HP 5120-24G SI Switch JG091A HP 5120-24G-PoE+ (370W) SI Switch JG092A HP 5120-24G-PoE+ (170W) SI Switch H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W) H3C S5120-20P-SI L2 16GE Plus 4SFP (0235A42B) H3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D) H3C S5120-28P-HPWR-SI (0235A0E5) H3C S5120-28P-PWR-SI (0235A0E3)
4800 G Switch Series Fix in progress use mitigations JD007A HP 4800-24G Switch JD008A HP 4800-24G-PoE Switch JD009A HP 4800-24G-SFP Switch JD010A HP 4800-48G Switch JD011A HP 4800-48G-PoE Switch
3Com Switch 4800G 24-Port (3CRS48G-24-91) 3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91) 3Com Switch 4800G 48-Port (3CRS48G-48-91) 3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91) 3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)
4510G Switch Series Fix in progress use mitigations JF428A HP 4510-48G Switch JF847A HP 4510-24G Switch
3Com Switch 4510G 48 Port (3CRS45G-48-91) 3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91) 3Com Switch E4510-24G (3CRS45G-24-91)
4210G Switch Series Fix in progress use mitigations JF844A HP 4210-24G Switch JF845A HP 4210-48G Switch JF846A HP 4210-24G-PoE Switch
3Com Switch 4210-24G (3CRS42G-24-91) 3Com Switch 4210-48G (3CRS42G-48-91) 3Com Switch E4210-24G-PoE (3CRS42G-24P-91)
3610 Switch Series Fix in progress use mitigations JD335A HP 3610-48 Switch JD336A HP 3610-24-4G-SFP Switch JD337A HP 3610-24-2G-2G-SFP Switch JD338A HP 3610-24-SFP Switch H3C S3610-52P - model LS-3610-52P-OVS (0235A22C) H3C S3610-28P - model LS-3610-28P-OVS (0235A22D) H3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E) H3C S3610-28F - model LS-3610-28F-OVS (0235A22F)
3600 V2 Switch Series Fix in progress use mitigations JG299A HP 3600-24 v2 EI Switch JG300A HP 3600-48 v2 EI Switch JG301A HP 3600-24-PoE+ v2 EI Switch JG301B HP 3600-24-PoE+ v2 EI Switch JG302A HP 3600-48-PoE+ v2 EI Switch JG302B HP 3600-48-PoE+ v2 EI Switch JG303A HP 3600-24-SFP v2 EI Switch JG304A HP 3600-24 v2 SI Switch JG305A HP 3600-48 v2 SI Switch JG306A HP 3600-24-PoE+ v2 SI Switch JG306B HP 3600-24-PoE+ v2 SI Switch JG307A HP 3600-48-PoE+ v2 SI Switch JG307B HP 3600-48-PoE+ v2 SI Switch
3100V2 Fix in progress use mitigations JD313B HP 3100-24-PoE v2 EI Switch JD318B HP 3100-8 v2 EI Switch JD319B HP 3100-16 v2 EI Switch JD320B HP 3100-24 v2 EI Switch JG221A HP 3100-8 v2 SI Switch JG222A HP 3100-16 v2 SI Switch JG223A HP 3100-24 v2 SI Switch
3100V2-48 Fix in progress use mitigations JG315A HP 3100-48 v2 Switch
1910 Fix in progress use mitigations JE005A HP 1910-16G Switch JE006A HP 1910-24G Switch JE007A HP 1910-24G-PoE (365W) Switch JE008A HP 1910-24G-PoE(170W) Switch JE009A HP 1910-48G Switch JG348A HP 1910-8G Switch JG349A HP 1910-8G-PoE+ (65W) Switch JG350A HP 1910-8G-PoE+ (180W) Switch 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293) 3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093) 3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893) 3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93) 3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93)
1810v1 P2 Fix in progress use mitigations J9449A HP 1810-8G Switch J9450A HP 1810-24G Switch
1810v1 PK Fix in progress use mitigations J9660A HP 1810-48G Switch
MSR20 Fix in progress use mitigations JD432A HP A-MSR20-21 Multi-Service Router JD662A HP MSR20-20 Multi-Service Router JD663A HP MSR20-21 Multi-Service Router JD663B HP MSR20-21 Router JD664A HP MSR20-40 Multi-Service Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326) H3C MSR 20-20 (0235A19H) H3C MSR 20-21 (0235A325) H3C MSR 20-40 (0235A19K) H3C MSR-20-21 Router (0235A19J)
MSR20-1X Fix in progress use mitigations JD431A HP MSR20-10 Router JD667A HP MSR20-15 IW Multi-Service Router JD668A HP MSR20-13 Multi-Service Router JD669A HP MSR20-13 W Multi-Service Router JD670A HP MSR20-15 A Multi-Service Router JD671A HP MSR20-15 AW Multi-Service Router JD672A HP MSR20-15 I Multi-Service Router JD673A HP MSR20-11 Multi-Service Router JD674A HP MSR20-12 Multi-Service Router JD675A HP MSR20-12 W Multi-Service Router JD676A HP MSR20-12 T1 Multi-Service Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router JG209A HP MSR20-12-T-W Router (NA) JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) H3C MSR 20-10 (0235A0A7) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-11 (0235A31V) H3C MSR 20-12 (0235A32E) H3C MSR 20-12 T1 (0235A32B) H3C MSR 20-13 (0235A31W) H3C MSR 20-13 W (0235A31X) H3C MSR 20-15 A (0235A31Q) H3C MSR 20-15 A W (0235A31R) H3C MSR 20-15 I (0235A31N) H3C MSR 20-15 IW (0235A31P) H3C MSR20-12 W (0235A32G)
MSR30 Fix in progress use mitigations JD654A HP MSR30-60 POE Multi-Service Router JD657A HP MSR30-40 Multi-Service Router JD658A HP MSR30-60 Multi-Service Router JD660A HP MSR30-20 POE Multi-Service Router JD661A HP MSR30-40 POE Multi-Service Router JD666A HP MSR30-20 Multi-Service Router JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF232A HP RT-MSR3040-AC-OVS-AS-H3 JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S) H3C MSR 30-20 (0235A19L) H3C MSR 30-20 POE (0235A239) H3C MSR 30-40 (0235A20J) H3C MSR 30-40 POE (0235A25R) H3C MSR 30-60 (0235A20K) H3C MSR 30-60 POE (0235A25S) H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)
MSR30-16 Fix in progress use mitigations JD659A HP MSR30-16 POE Multi-Service Router JD665A HP MSR30-16 Multi-Service Router JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) H3C MSR 30-16 (0235A237) H3C MSR 30-16 POE (0235A238)
MSR30-1X Fix in progress use mitigations JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) H3C RT-MSR3011-AC-OVS-H3 (0235A29L)
MSR50 Fix in progress use mitigations JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR5040-DC-OVS-H3C (0235A20P) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L)
MSR50-G2 Fix in progress use mitigations JD429A HP MSR50 G2 Processor Module JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q) H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD(0231A0KL)
MSR20 Russian version Fix in progress use mitigations JD663B HP MSR20-21 Router JF228A HP MSR20-40 Router JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324) H3C RT-MSR2040-AC-OVS-H3 (0235A326)
MSR20-1X Russian version Fix in progress use mitigations JD431A HP MSR20-10 Router JF236A HP MSR20-15-I Router JF237A HP MSR20-15-A Router JF238A HP MSR20-15-I-W Router JF239A HP MSR20-11 Router JF240A HP MSR20-13 Router JF241A HP MSR20-12 Router JF806A HP MSR20-12-T Router JF807A HP MSR20-12-W Router JF808A HP MSR20-13-W Router JF809A HP MSR20-15-A-W Router JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7) H3C RT-MSR2015-AC-OVS-I-H3 (0235A394) H3C RT-MSR2015-AC-OVS-A-H3 (0235A392) H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393) H3C RT-MSR2011-AC-OVS-H3 (0235A395) H3C RT-MSR2013-AC-OVS-H3 (0235A390) H3C RT-MSR2012-AC-OVS-H3 (0235A396) H3C RT-MSR2012-T-AC-OVS-H3 (0235A398) H3C RT-MSR2012-AC-OVS-W-H3 (0235A397) H3C RT-MSR2013-AC-OVS-W-H3 (0235A391) H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)
MSR30 Russian version Fix in progress use mitigations JF229A HP MSR30-40 Router JF230A HP MSR30-60 Router JF235A HP MSR30-20 DC Router JF284A HP MSR30-20 Router JF287A HP MSR30-40 DC Router JF801A HP MSR30-60 DC Router JF802A HP MSR30-20 PoE Router JF803A HP MSR30-40 PoE Router JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299) H3C RT-MSR3060-AC-OVS-H3 (0235A320) H3C RT-MSR3020-DC-OVS-H3 (0235A267) H3C MSR 30-20 Router (0235A328) H3C MSR 30-40 Router Host(DC) (0235A268) H3C RT-MSR3060-DC-OVS-H3 (0235A269) H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322) H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323) H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)
MSR30-1X Russian version Fix in progress use mitigations JF800A HP MSR30-11 Router JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr JG182A HP MSR30-11E Router JG183A HP MSR30-11F Router JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L) H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)
MSR30-16 Russian version Fix in progress use mitigations JF233A HP MSR30-16 Router JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327) H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)
MSR50 Russian version Fix in progress use mitigations JD433A HP MSR50-40 Router JD653A HP MSR50 Processor Module JD655A HP MSR50-40 Multi-Service Router JD656A HP MSR50-60 Multi-Service Router JF231A HP MSR50-60 Router JF285A HP MSR50-40 DC Router JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297) H3C MSR 50 Processor Module (0231A791) H3C MSR 50-40 Chassis (0235A20N) H3C MSR 50-60 Chassis (0235A20L) H3C RT-MSR5060-AC-OVS-H3 (0235A298) H3C MSR5040-DC-OVS-H3C (0235A20P)
MSR50 G2 Russian version Fix in progress use mitigations JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL)
MSR9XX Fix in progress use mitigations JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr JG207A HP MSR900-W Router (NA) JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)
MSR9XX Russian version Fix in progress use mitigations JF812A HP MSR900 Router JF813A HP MSR920 Router JF814A HP MSR900-W Router JF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX) H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2) H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)
MSR93X Fix in progress use mitigations JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR93X Russian version Fix in progress use mitigations JG511A HP MSR930 Router JG512A HP MSR930 Wireless Router JG513A HP MSR930 3G Router JG514A HP MSR931 Router JG515A HP MSR931 3G Router JG516A HP MSR933 Router JG517A HP MSR933 3G Router JG518A HP MSR935 Router JG519A HP MSR935 Wireless Router JG520A HP MSR935 3G Router JG531A HP MSR931 Dual 3G Router JG596A HP MSR930 4G LTE/3G CDMA Router JG597A HP MSR936 Wireless Router JG665A HP MSR930 4G LTE/3G WCDMA Global Router JG704A HP MSR930 4G LTE/3G WCDMA ATT Router
MSR1000 Fix in progress use mitigations JG732A HP MSR1003-8 AC Router
MSR2000 Fix in progress use mitigations JG411A HP MSR2003 AC Router
MSR3000 Fix in progress use mitigations JG404A HP MSR3064 Router JG405A HP MSR3044 Router JG406A HP MSR3024 AC Router JG409A HP MSR3012 AC Router JG861A HP MSR3024 TAA-compliant AC Router
MSR4000 Fix in progress use mitigations JG402A HP MSR4080 Router Chassis JG403A HP MSR4060 Router Chassis JG412A HP MSR4000 MPU-100 Main Processing Unit
F5000 Fix in progress use mitigations JG216A HP F5000 Firewall Standalone Chassis JD259A HP A5000-A5 VPN Firewall Chassis H3C SecPath F5000-A5 Host System (0150A0AG)
U200S and CS Fix in progress use mitigations JD268A HP 200-CS UTM Appliance JD273A HP U200-S UTM Appliance H3C SecPath U200-S (0235A36N)
U200A and M Fix in progress use mitigations JD274A HP 200-M UTM Appliance JD275A HP U200-A UTM Appliance H3C SecPath U200-A (0235A36Q)
F1000A and S Fix in progress use mitigations JD270A HP S1000-S VPN Firewall Appliance JD271A HP S1000-A VPN Firewall Appliance JG213A HP F1000-S-EI VPN Firewall Appliance JG214A HP F1000-A-EI VPN Firewall Appliance
SecBlade FW Fix in progress use mitigations JC635A HP 12500 VPN Firewall Module JD245A HP 9500 VPN Firewall Module JD249A HP 10500/7500 Advanced VPN Firewall Mod JD250A HP 6600 Firewall Processing Rtr Module JD251A HP 8800 Firewall Processing Module JD255A HP 5820 VPN Firewall Module H3C S9500E SecBlade VPN Firewall Module (0231A0AV) H3C S7500E SecBlade VPN Firewall Module (0231A832) H3C SR66 Gigabit Firewall Module (0231A88A) H3C SR88 Firewall Processing Module (0231A88L) H3C S5820 SecBlade VPN Firewall Module (0231A94J)
F1000E Fix in progress use mitigations JD272A HP S1000-E VPN Firewall Appliance
VSR1000 Fix in progress use mitigations JG810AAE HP VSR1001 Virtual Services Router JG811AAE HP VSR1001 Virtual Services Router JG812AAE HP VSR1004 Virtual Services Router JG813AAE HP VSR1008 Virtual Services Router
WX5002/5004 Fix in progress use mitigations JD441A HP 5800 ACM for 64-256 APs JD447B HP WX5002 Access Controller JD448A HP A-WX5004 Access Controller JD448B HP WX5004 Access Controller JD469A HP A-WX5004 (3Com) Access Controller JG261A HP 5800 Access Controller OAA TAA Mod
HP 850/870 Fix in progress use mitigations JG723A HP 870 Unified Wired-WLAN Appliance JG725A HP 870 Unifd Wrd-WLAN TAA Applnc
HP 830 Fix in progress use mitigations JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch JG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch JG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch JG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch
HP 6000 Fix in progress use mitigations JG639A HP 10500/7500 20G Unified Wired-WLAN Mod JG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod
M220 Fix in progress use mitigations J9798A HP M220 802.11n AM Access Point J9799A HP M220 802.11n WW Access Point
NGFW Fix in progress use mitigations JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic JC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic JC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic JC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic JC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic
iMC UAM 7.0 Fix in progress use mitigations JD144A HP IMC UAM S/W Module w/200-User License JF388A HP IMC UAM S/W Module w/200-user License JD435A HP IMC EAD Client Software JF388AAE HP IMC UAM S/W Module w/200-user E-LTU JG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU
iMC EAD 7.0 Fix in progress use mitigations JF391AAE HP IMC EAD S/W Module w/200-user E-LTU JG754AAE HP IMC EAD SW Module w/ 50-user E-LTU JD147A HP IMC Endpoint Admission Defense Software Module with 200-user License JF391A HP IMC EAD S/W Module w/200-user License
iMC PLAT 7.0 Fix in progress use mitigations JF377AAE HP IMC Standard Edition Software Platform with 100-node E-LTU JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU JG747AAE HP IMC Standard Software Platform with 50-node E-LTU JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU JD125A HP IMC Standard Edition Software Platform with 100-node License JD815A HP IMC Standard Edition Software Platform with 100-node License JD816A HP A-IMC Standard Edition Software DVD Media JF377A HP IMC Standard Edition Software Platform with 100-node License JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU TJ635AAE HP IMC for ANM 50 node pack SW E-LTU (On HP Softwares CPL not HPNs) JF378AAE HP IMC Enterprise Edition Software Platform with 200-Node E-LTU JG748AAE HP IMC Enterprise Software Platform with 50-node E-LTU JD126A HP A-IMC Enterprise Software Platform with 200-node License JD808A HP A-IMC Enterprise Software Platform with 200-node License JD814A HP A-IMC Enterprise Edition Software DVD Media JF378A HP IMC Enterprise Edition Software Platform with 200-node License JG546AAE HP IMC Basic SW Platform w/50-node E-LTU JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU JG550AAE HP PMM to IMC Bsc WLM Upgr w/150 AP E-LTU JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU JG659AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU JG660AAE HP IMC Smart Connect w / WLAN Manager Virtual Appliance Edition E-LTU JG767AAE HP IMC Smart Connect with Wireless Service Manager Virtual Appliance Software E-LTU
HISTORY Version:1 (rev.1) - 20 June 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlOkrM4ACgkQ4B86/C0qfVn7/QCeK5T1H9dXfVQgIKSr5USqLmvq CtMAnjujH7e5aXfIOvxyyuB0FcSwIWCM =CEL7 -----END PGP SIGNATURE----- . OpenSSL is a 3rd party product that is embedded with some HP printer products. This bulletin notifies HP Printer customers about impacted products. To obtain the updated firmware, go to www.hp.com and follow these steps:
Select "Drivers & Software". Enter the appropriate product name listed in the table below into the search field. Click on "Search". Click on the appropriate product. Under "Select operating system" click on "Cross operating system (BIOS, Firmware, Diagnostics, etc.)" Note: If the "Cross operating system ..." link is not present, select applicable Windows operating system from the list. Select the appropriate firmware update under "Firmware".
Firmware Updates Table
Product Name Model Number Firmware Revision
HP Color LaserJet CM4540 MFP CC419A, CC420A, CC421A v 2302963_436067 (or higher)
HP Color LaserJet CP5525 CE707A,CE708A,CE709A v 2302963_436070 (or higher)
HP Color LaserJet Enterprise M750 D3L08A, D3L09A, D3L10A v 2302963_436077 (or higher)
HP Color LaserJet M651 CZ255A, CZ256A, CZ257A, CZ258A v 2302963_436073 (or higher)
HP Color LaserJet M680 CZ248A, CZ249A v 2302963_436072 (or higher)
HP Color LaserJet Flow M680 CZ250A, CA251A v 2302963_436072 (or higher)
HP LaserJet Enterprise 500 color MFP M575dn CD644A, CD645A v 2302963_436081 (or higher)
HP LaserJet Enterprise 500 MFP M525f CF116A, CF117A v 2302963_436069 (or higher)
HP LaserJet Enterprise 600 M601 Series CE989A, CE990A v 2302963_436082 (or higher)
HP LaserJet Enterprise 600 M602 Series CE991A, CE992A, CE993A v 2302963_436082 (or higher)
HP LaserJet Enterprise 600 M603 Series CE994A, CE995A, CE996A v 2302963_436082 (or higher)
HP LaserJet Enterprise MFP M630 series B3G84A, B3G85A, B3G86A, J7X28A v 2303714_233000041 (or higher)
HP LaserJet Enterprise 700 color M775 series CC522A, CC523A, CC524A, CF304A v 2302963_436079 (or higher)
HP LaserJet Enterprise 700 M712 series CF235A, CF236A, CF238A v 2302963_436080 (or higher)
HP LaserJet Enterprise 800 color M855 A2W77A, A2W78A, A2W79A v 2302963_436076 (or higher)
HP LaserJet Enterprise 800 color MFP M880 A2W76A, A2W75A, D7P70A, D7P71A v 2302963_436068 (or higher)
HP LaserJet Enterprise Color 500 M551 Series CF081A,CF082A,CF083A v 2302963_436083 (or higher)
HP LaserJet Enterprise color flow MFP M575c CD646A v 2302963_436081 (or higher)
HP LaserJet Enterprise flow M830z MFP CF367A v 2302963_436071 (or higher)
HP LaserJet Enterprise flow MFP M525c CF118A v 2302963_436069 (or higher)
HP LaserJet Enterprise M4555 MFP CE502A,CE503A, CE504A, CE738A v 2302963_436064 (or higher)
HP LaserJet Enterprise M806 CZ244A, CZ245A v 2302963_436075 (or higher)
HP LaserJet Enterprise MFP M725 CF066A, CF067A, CF068A, CF069A v 2302963_436078 (or higher)
HP Scanjet Enterprise 8500 Document Capture Workstation L2717A, L2719A v 2302963_436065 (or higher)
OfficeJet Enterprise Color MFP X585 B5L04A, B5L05A,B5L07A v 2302963_436066 (or higher)
OfficeJet Enterprise Color X555 C2S11A, C2S12A v 2302963_436074 (or higher)
HP Color LaserJet CP3525 CC468A, CC469A, CC470A, CC471A v 06.183.1 (or higher)
HP LaserJet M4345 Multifunction Printer CB425A, CB426A, CB427A, CB428A v 48.306.1 (or higher)
HP LaserJet M5025 Multifunction Printer Q7840A v 48.306.1 (or higher)
HP Color LaserJet CM6040 Multifunction Printer Q3938A, Q3939A v 52.256.1 (or higher)
HP Color LaserJet Enterprise CP4525 CC493A, CC494A, CC495A v 07.164.1 (or higher)
HP Color LaserJet Enterprise CP4025 CC489A, CC490A v 07.164.1 (or higher)
HP LaserJet M5035 Multifunction Printer Q7829A, Q7830A, Q7831A v 48.306.1 (or higher)
HP LaserJet M9050 Multifunction Printer CC395A v 51.256.1 (or higher)
HP LaserJet M9040 Multifunction Printer CC394A v 51.256.1 (or higher)
HP Color LaserJet CM4730 Multifunction Printer CB480A, CB481A, CB482A, CB483A v 50.286.1 (or higher)
HP LaserJet M3035 Multifunction Printer CB414A, CB415A, CC476A, CC477A v 48.306.1 (or higher)
HP 9250c Digital Sender CB472A v 48.293.1 (or higher)
HP LaserJet Enterprise P3015 CE525A,CE526A,CE527A,CE528A,CE595A v 07.186.1 (or higher)
HP LaserJet M3027 Multifunction Printer CB416A, CC479A v 48.306.1 (or higher)
HP LaserJet CM3530 Multifunction Printer CC519A, CC520A v 53.236.1 (or higher)
HP Color LaserJet CP6015 Q3931A, Q3932A, Q3933A, Q3934A, Q3935A v 04.203.1 (or higher)
HP LaserJet P4515 CB514A,CB515A, CB516A, CB517A v 04.213.1 (or higher)
HP Color LaserJet CM6030 Multifunction Printer CE664A, CE665A v 52.256.1 (or higher)
HP LaserJet P4015 CB509A, CB526A, CB511A, CB510A v 04.213.1 (or higher)
HP LaserJet P4014 CB507A, CB506A, CB512A v 04.213.1 (or higher)
HISTORY Version:1 (rev.1) - 22 September 2014 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0445",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "nec",
"version": null
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "6.2.3"
},
{
"model": "jboss enterprise web server",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "2.0.1"
},
{
"model": "jboss enterprise web platform",
"scope": "eq",
"trust": 1.3,
"vendor": "redhat",
"version": "5.2.0"
},
{
"model": "power",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "7200"
},
{
"model": "powerlinux 7r2",
"scope": "eq",
"trust": 1.2,
"vendor": "ibm",
"version": "0"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8za"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.2"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0m"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "19"
},
{
"model": "application processing engine",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "node.js",
"scope": "lt",
"trust": 1.0,
"vendor": "nodejs",
"version": "0.10.29"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "storage",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "cp1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "20"
},
{
"model": "rox",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.16.1"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "2.7.0"
},
{
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.4.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "openssl",
"scope": "gte",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "s7-1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "2.7.8"
},
{
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.4.2"
},
{
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.0"
},
{
"model": "server",
"scope": "lt",
"trust": 1.0,
"vendor": "filezilla",
"version": "0.9.45"
},
{
"model": "openssl",
"scope": "lt",
"trust": 1.0,
"vendor": "openssl",
"version": "1.0.1h"
},
{
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.0.13"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.2.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4"
},
{
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7100"
},
{
"model": "power",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "7400"
},
{
"model": "powerlinux 7r1",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "0"
},
{
"model": "bladecenter advanced management module 3.66e",
"scope": null,
"trust": 0.9,
"vendor": "ibm",
"version": null
},
{
"model": "junos 12.1x44-d20",
"scope": null,
"trust": 0.9,
"vendor": "juniper",
"version": null
},
{
"model": "power express",
"scope": "eq",
"trust": 0.9,
"vendor": "ibm",
"version": "5200"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmate",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "global associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nvidia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "junos 11.4r9",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7700"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.1"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.0"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "5700"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7800"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7300"
},
{
"model": "power",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7500"
},
{
"model": "junos 10.4s15",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "junos 13.2r2",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r15",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "junos 13.3r1",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4s",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "one-x mobile sip for ios",
"scope": "eq",
"trust": 0.6,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "11.4x27"
},
{
"model": "junos 11.4r8",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r16",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1x45-d10",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "junos 12.1r7",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "10.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.110.6"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "power ps702",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.30"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.117"
},
{
"model": "junos d30",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.112"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.46"
},
{
"model": "chrome for android",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.141"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.6"
},
{
"model": "integration bus",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.0"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8800"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.18"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.1"
},
{
"model": "oncommand performance manager",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v210.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.10"
},
{
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.155"
},
{
"model": "laserjet pro color printer m251n/nw cf147a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "horizon view feature pack",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.5"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.0"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6.1"
},
{
"model": "cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "computer telephony integration object server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.2"
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "fortimanager",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "laserjet p2055 printer series ce460a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.35"
},
{
"model": "ace application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datafort e-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571471.43"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v2-480"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "junos 11.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.470"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.4"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6.10"
},
{
"model": "junos 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "project openssl 1.0.0g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos space ja1500 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.3"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x571431.43"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.3"
},
{
"model": "laserjet printer series q7543a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "laserjet enterprise flow mfp m525c cf118a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.20"
},
{
"model": "fortios b0537",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.06"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.0"
},
{
"model": "laserjet enterprise m806 cz244a 2302963 436075",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.3"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "9.1-release-p15",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet enterprise color m775 series cf304a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "fortirecorder",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.2"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.00"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.3.3"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.32"
},
{
"model": "laserjet enterprise mfp m525f cf117a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "laserjet enterprise color m775 series cc522a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.15"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.7"
},
{
"model": "secure analytics 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "vpn client v100r001c02spc702",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise color mfp m880 d7p70a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.6"
},
{
"model": "laserjet pro color mfp m276n/nw cf145a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1.100.3"
},
{
"model": "api management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "laserjet m9050 multifunction printer cc395a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310025820"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "34.0"
},
{
"model": "junos 13.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.0"
},
{
"model": "integrity superdome and hp converged system for sap hana",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "x9005.50.12"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.20"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.3"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.8"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.1"
},
{
"model": "sdn for virtual environments",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.5"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.2"
},
{
"model": "manageone v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.1"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7400"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.38"
},
{
"model": "tivoli workload scheduler distributed ga level",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2.0"
},
{
"model": "snapprotect",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos r8-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.34"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "color laserjet enterprise cp4525 cc495a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.0-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.49"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.342"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "oneview",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.10"
},
{
"model": "laserjet enterprise mfp m725 cf069a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.53"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0.1"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.6"
},
{
"model": "prime access registrar appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.48"
},
{
"model": "nvp",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.2.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.1"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "tivoli netcool/system service monitor fp11",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "tekelec hlr router",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open systems snapvault agent",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "agile controller v100r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "laserjet p4515 cb515a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "laserjet pro mfp m425dn/dw cf286a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020140919"
},
{
"model": "laserjet enterprise m712 series cf236a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.49"
},
{
"model": "project openssl 1.0.0h",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "mds switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.3.5"
},
{
"model": "idol speech software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.5.0.16091"
},
{
"model": "laserjet enterprise color m551 series cf082a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.6"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.124"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.1"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90000"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.32"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.14"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.211"
},
{
"model": "laserjet enterprise mfp m725 cf066a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.40"
},
{
"model": "websphere mq",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.1.10"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "wx5002/5004 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "netscaler 9.3.e",
"scope": null,
"trust": 0.3,
"vendor": "citrix",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.71"
},
{
"model": "laserjet m9040 multifunction printer cc394a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51.256.1"
},
{
"model": "updatexpress system packs installer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "usg5000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.46"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.3"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "junos space 13.3r1.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "proxyav",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4"
},
{
"model": "project openssl 0.9.8y",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "enterprise communications broker pcz2.0.0m4p5",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "sparc enterprise m4000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1118"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.1"
},
{
"model": "aura application server sip core pb23",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "vsr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.33"
},
{
"model": "asg2000 v100r001c10sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os beta",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.130.14"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.14"
},
{
"model": "wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.16"
},
{
"model": "junos r4-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.128.3"
},
{
"model": "virtuozzo containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.6"
},
{
"model": "laserjet p4015 cb526a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet enterprise mfp m630 series j7x28a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "laserjet p3005 printer series q7813a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.4"
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "infosphere master data management",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.24"
},
{
"model": "vsm v200r002c00spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.37"
},
{
"model": "10.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "710/7300"
},
{
"model": "vdi-in-a-box",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.8"
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.08"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.4"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "0"
},
{
"model": "nextscale nx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54550"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.52"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.110"
},
{
"model": "network connect 8.0r3.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system chassis management module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32200"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.8"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.4"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "s5900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0"
},
{
"model": "p2000 g3 msa array system ts251p006",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "documentum content server p05",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "laserjet printer series q5404a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.5"
},
{
"model": "jabber video for telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.2"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "flex system p270",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.04"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.10"
},
{
"model": "laserjet p4015 cb509a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.2"
},
{
"model": "tivoli workload scheduler distributed fp05",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "tivoli workload scheduler distributed fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "endeca information discovery studio",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.1"
},
{
"model": "snapdrive for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.18"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "10.0-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.3"
},
{
"model": "infosphere master data management provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.5"
},
{
"model": "laserjet m5035 multifunction printer q7829a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.38"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3200"
},
{
"model": "s2750\u0026s5700\u0026s6700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5.2.3"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "laserjet enterprise m602 series ce992a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "fortiwifi",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "laserjet enterprise m712 series cf238a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-453"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.4"
},
{
"model": "junos 12.1r8-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx5208-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.344"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087220"
},
{
"model": "9.2-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "content analysis system software",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.5.5"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "junos 12.1x46-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "sparc enterprise m9000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.14"
},
{
"model": "advanced settings utility",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.0"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.7"
},
{
"model": "(comware family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12500v7)0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.11"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.50"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v5000-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.72"
},
{
"model": "nexus series fabric extenders",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "intelligencecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.2"
},
{
"model": "project openssl 1.0.1f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "strm 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "14.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.2"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8546"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.55"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.5"
},
{
"model": "documentum content server p02",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "9.0.3"
},
{
"model": "sbr global enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "color laserjet printer series q7533a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.19"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "power ps700",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.7"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "laserjet enterprise m712 series cf235a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "color laserjet cp5525 ce708a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.12"
},
{
"model": "desktop collaboration experience dx650",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura application server sip core pb28",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "oncommand workflow automation",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.2"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.48"
},
{
"model": "telepresence system series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.5.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.41"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.63"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.9"
},
{
"model": "secure analytics 2014.2r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4540 mfp cc421a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tivoli workload scheduler for applications fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.5"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.6"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.24"
},
{
"model": "telepresence ip gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "junos 12.1r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system en2092 1gb ethernet scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "p2000 g3 msa array system ts251p005",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "idol software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.8"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.0"
},
{
"model": "open systems snapvault 3.0.1p6",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "key",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.2"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.14"
},
{
"model": "laserjet p4515 cb515a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "worklight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.0"
},
{
"model": "tivoli netcool/system service monitor fp13",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "laserjet enterprise color m775 series cc523a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.01"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.11"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.1"
},
{
"model": "power 780",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6"
},
{
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056340"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.53"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7700"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.4"
},
{
"model": "junos 12.2r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.7"
},
{
"model": "u200s and cs family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "security threat response manager 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.71"
},
{
"model": "pulse desktop 5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.2"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.7"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.1"
},
{
"model": "winscp",
"scope": "ne",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.4"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.04"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "enterprise session border controller ecz7.3m2p2",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.02"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.6"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cc476a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "hsr6800 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3"
},
{
"model": "color laserjet m651 cz258a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v5)0"
},
{
"model": "ddos secure",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.14.1-1"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.4.1"
},
{
"model": "9.3-beta1-p2",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.2"
},
{
"model": "vsm v200r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "junos 12.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "message networking sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "officejet enterprise color mfp b5l05a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "color laserjet cm4540 mfp cc420a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "dgs-1210-52",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.025"
},
{
"model": "ngfw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "powervu d9190 comditional access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.57"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "msr9xx russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "junos 12.3r4-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.14"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "10.0-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.3"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.1"
},
{
"model": "ive os 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "laserjet enterprise m806 cz244a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "usage meter",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.73"
},
{
"model": "security network intrusion prevention system gx5008",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "softco v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.4.2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.3"
},
{
"model": "s2700\u0026s3700 v100r006c05+v100r06h",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.56"
},
{
"model": "horizon mirage edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.4.2"
},
{
"model": "oceanstor s6800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "virtuozzo containers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.6"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "junos 12.1x44-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4730 multifunction printer cb480a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.54"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet enterprise p3015 ce527a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence mcu series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system fabric cn4093 10gb converged scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.9.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.8"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.014"
},
{
"model": "asg2000 v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.154"
},
{
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security network intrusion prevention system gv1000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "nac manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.4"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "smc2.0 v100r002c01b017sp17",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.6"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "laserjet pro color mfp m276n/nw cf144a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58000"
},
{
"model": "color laserjet cm4730 multifunction printer cb481a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "email appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.7.0.0"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "junos os 12.1x46-d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.43"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.13"
},
{
"model": "junos 12.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.4"
},
{
"model": "network connect 7.4r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "msa storage gl200r007",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1040"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.4"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.10"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89450"
},
{
"model": "rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "usg2000 v300r001c10sph201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4014 cb506a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.0"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.1.8"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "system x3500m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73801.42"
},
{
"model": "licensing",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325025830"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.53"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.9"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.2"
},
{
"model": "enterprise content management system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "switch series (comware",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10500v7)0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.6"
},
{
"model": "idol image server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "ecns600 v100r002c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "espace u19** v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 1.0.0c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "spa112 2-port phone adapter",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2.1-x"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "laserjet enterprise color m551 series cf081a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.0"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70003.4.20"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.2"
},
{
"model": "oceanstor s5600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "9.0--releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet enterprise color m855 a2w78a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.2"
},
{
"model": "color laserjet printer series q5984a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "simatic cp1543-1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "power express f/c",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "52056330"
},
{
"model": "color laserjet cp5525 ce707a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "9.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73231.42"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3-66.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.23"
},
{
"model": "laserjet p4014 cb507a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "bladecenter js43 with feature code",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x8446)0"
},
{
"model": "toolscenter suite",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.53"
},
{
"model": "unified communications series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.18"
},
{
"model": "junos space 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system storage ts2900 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0026"
},
{
"model": "junos 12.1r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "8.4-release-p12",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "netcool/system service monitor fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.014"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x2-22.0.6.2.0"
},
{
"model": "color laserjet m680 cz248a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "bbm for android",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.46"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.5"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.6.0"
},
{
"model": "color laserjet enterprise cp4025 cc489a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "tivoli management framework",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.1"
},
{
"model": "laserjet m3027 multifunction printer cb416a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security information and event management hf11",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3.2"
},
{
"model": "laserjet pro mfp m425dn/dw cf288a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020140919"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "junos 12.1r5-s3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x363071580"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.29"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.30"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.4"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.1"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.1"
},
{
"model": "content analysis system",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vsphere storage appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "aura experience portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "elan",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "8.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.15"
},
{
"model": "tivoli storage productivity center fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0"
},
{
"model": "laserjet m5035 multifunction printer q7831a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "msr2000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura presence services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "color laserjet printer series cb433a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "laserjet enterprise m712 series cf236a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.12"
},
{
"model": "tivoli netcool/system service monitor fp9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "color laserjet printer series q7535a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "8.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.7"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "svn2200 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "bladecenter js12 express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-60x)0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.12"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "laserjet multifunction printer series q3943a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "usg9500 v300r001c01spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4015 cb526a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "cms r16 r6",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73271.42"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.115"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.52"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "flashsystem 9840-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.3.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.12"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.0"
},
{
"model": "color laserjet cp3505 printer series ce491a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "laserjet m5035 multifunction printer q7830a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4.0.15779"
},
{
"model": "color laserjet cp3525 cc468a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6"
},
{
"model": "8.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura application server sip core pb5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "host agent for oncommand core package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "mcp russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.0.12141"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.159"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "ecns610 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.24"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.93"
},
{
"model": "color laserjet printer series q7495a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "a6600 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.817"
},
{
"model": "laserjet enterprise m602 series ce991a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "f5000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "color laserjet cm6030 multifunction printer ce664a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "9.2-release-p8",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.1"
},
{
"model": "color laserjet enterprise cp4025 cc489a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "network connect 7.4r9.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "idataplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "color laserjet cp3525 cc471a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "laserjet enterprise flow mfp m525c cf118a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos r11",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.913"
},
{
"model": "laserjet enterprise color flow mfp m575c cd646a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cb415a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "junos 10.4s13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.7"
},
{
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.0"
},
{
"model": "oceanstor s5600t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "espace iad v300r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.44"
},
{
"model": "color laserjet cp5525 ce708a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "pk family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "3par service processor sp-4.2.0.ga-29.p002",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.10"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "telepresence server on virtual machine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m602 series ce993a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.126"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-2"
},
{
"model": "laserjet m4345 multifunction printer cb427a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.6.1"
},
{
"model": "laserjet p4515 cb517a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "color laserjet cp5525 ce709a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m5025 multifunction printer q7840a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.12"
},
{
"model": "oceanstor s5800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "security network intrusion prevention system gx4002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "oceanstor s5800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.20"
},
{
"model": "color laserjet flow m680 cz250a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 11.4r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.2"
},
{
"model": "color laserjet cp3505 printer series cb444a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.3"
},
{
"model": "icewall sso dfw r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.10"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "color laserjet printer series cb432a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "horizon view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.1"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.7.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0.00"
},
{
"model": "color laserjet multifunction printer series q7519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "telepresence tx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "90006.1.20"
},
{
"model": "flashsystem 9848-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.2"
},
{
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.31"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.2"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.6.2"
},
{
"model": "junos os 12.1x47-d15",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.25"
},
{
"model": "junos 13.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vfabric application director",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "tandberg mxp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9900"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.10"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.2"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.00"
},
{
"model": "d9036 modular encoding platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cluster network/management switches",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "vma san gateway g5.5.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "flex system p260 compute node /fc efd9",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "10.0-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.92743"
},
{
"model": "system storage ts2900 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0025"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8300"
},
{
"model": "color laserjet cm6040 multifunction printer q3938a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "fortianalyzer",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"model": "color laserjet m651 cz258a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5950"
},
{
"model": "tivoli netcool/system service monitor fp7",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.4"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "tssc",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.15"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.7"
},
{
"model": "secblade fw family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.42"
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "bbm for iphone",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.24"
},
{
"model": "vsphere sdk for perl",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "laserjet enterprise color mfp m880 a2w76a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0.1650.59"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.1"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "project openssl 0.9.8s",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "telepresence serial gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "elog v100r003c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.0"
},
{
"model": "ata series analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1900"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.7"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.125"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.0.9.8"
},
{
"model": "laserjet enterprise p3015 ce528a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89610"
},
{
"model": "idol speech software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "color laserjet enterprise cp4525 cc494a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.7"
},
{
"model": "vcenter operations manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.8.1"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.30"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.51"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364160"
},
{
"model": "fortianalyzer",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "prime lan management solution",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "msr50 g2 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70006.4"
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7080"
},
{
"model": "dgs-1500-52",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "junos 11.4r6-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet m9040 multifunction printer cc394a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cms r17ac.h",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.1"
},
{
"model": "color laserjet cp3525 cc470a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.122"
},
{
"model": "laserjet pro color printer m251n/nw cf146a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20020140919"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.1"
},
{
"model": "laserjet printer series q5401a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.47"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10"
},
{
"model": "ucs central",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "power ps703 blade",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7891-73x)0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.3.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.36"
},
{
"model": "system storage ts3400 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0039"
},
{
"model": "dynamic system analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.6"
},
{
"model": "s7700\u0026s9700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.6"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.3.4"
},
{
"model": "junos 12.1x44-d32",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.2"
},
{
"model": "freedome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "fortios b0630",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1768"
},
{
"model": "nac guest server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.00"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.60"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.4"
},
{
"model": "dsr-1000n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.1.0"
},
{
"model": "oncommand unified manager host package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "oceanstor s2200t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "icewall sso dfw r1",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.14"
},
{
"model": "security enterprise scanner",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "spa232d multi-line dect ata",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "policy center v100r003c00spc305",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.1"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v19.7"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.11"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "flex system p270 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7954-24x)0"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58200"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.52"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf285a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "crossbow",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "system x3650m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79471.42"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.0"
},
{
"model": "system x3200m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73281.42"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.16"
},
{
"model": "ios software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.39"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "color laserjet cm6040 multifunction printer q3939a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32400"
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.76"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "10.0-release-p5",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "laserjet m3027 multifunction printer cc479a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.1"
},
{
"model": "laserjet multifunction printer series q3942a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "crossbow",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.2.3"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.2"
},
{
"model": "junos 10.4s14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.25"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "laserjet m4345 multifunction printer cb428a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1"
},
{
"model": "anyconnect secure mobility client for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c4.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-500n 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "color laserjet m651 cz255a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.16"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.8"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.11"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "storeever msl6480 tape library",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.40"
},
{
"model": "msr3000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "video surveillance series ip camera",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.0"
},
{
"model": "color laserjet enterprise m750 d3l09a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "anyconnect secure mobility client for desktop platforms",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space 13.1r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.013"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.3"
},
{
"model": "laserjet enterprise color m855 a2w79a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.67"
},
{
"model": "filenet system monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5"
},
{
"model": "spa510 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "operations automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "5.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.20"
},
{
"model": "4800g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 12.1x44-d34",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-43x)0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.7"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.4"
},
{
"model": "idp 4.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.00"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.5"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "usg9500 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.31"
},
{
"model": "laserjet enterprise m4555 mfp ce503a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.11"
},
{
"model": "sylpheed",
"scope": "ne",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.4.2"
},
{
"model": "host checker",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3"
},
{
"model": "junos space ja2500 appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux server eus 6.5.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.0"
},
{
"model": "laserjet m5035 multifunction printer q7831a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.10"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1"
},
{
"model": "prime performance manager for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "receiver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.12"
},
{
"model": "secure work space",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "s7700\u0026s9700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "87100"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.2"
},
{
"model": "color laserjet cm4730 multifunction printer cb482a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.37"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "s3900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.0.3"
},
{
"model": "collaboration services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "unified communications widgets click to call",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.49"
},
{
"model": "color laserjet cp6015 q3933a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "softco v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.6"
},
{
"model": "enterprise manager ops center",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.13"
},
{
"model": "telepresence t series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "unified attendant console advanced",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idol software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "9.0.3"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.02"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.1"
},
{
"model": "proventia network security controller 1.0.3352m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79130"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v310.1"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10000"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.169"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "fastsetup",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.4"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.26"
},
{
"model": "tandberg codian isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32100"
},
{
"model": "laserjet printer series q5409a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "laserjet enterprise mfp m630 series b3g85a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.2"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.0"
},
{
"model": "tivoli workload scheduler distributed",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-3"
},
{
"model": "color laserjet multifunction printer series cb483a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "jabber for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dgs-1500-28p",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4"
},
{
"model": "project openssl 0.9.8n",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 11.4r12",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "security network intrusion prevention system gx5208",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.1.1"
},
{
"model": "a6600 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.1"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1"
},
{
"model": "laserjet multifunction printer series q3728a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.290.2"
},
{
"model": "junos space 12.3r2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79451.42"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.36"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "bcaaa",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.9"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "vcloud networking and security",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.2"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.4"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.213"
},
{
"model": "vsphere support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "manageone v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.7"
},
{
"model": "laserjet m4345 multifunction printer cb426a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.34"
},
{
"model": "s7700\u0026s9700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.19"
},
{
"model": "flex system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70007.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "s6900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.1"
},
{
"model": "ucs b-series servers",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.7.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.16"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.011"
},
{
"model": "junos r7",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.29"
},
{
"model": "storeever msl6480 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos os 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2"
},
{
"model": "3par service processor sp-4.3.0.ga-17.p001",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "laserjet printer series q5407a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "laserjet enterprise color mfp m880 a2w76a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "laserjet enterprise color m775 series cc524a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "universal small cell series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50003.4.2.0"
},
{
"model": "laserjet p4515 cb515a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1r9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "junos 11.4r10-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.45"
},
{
"model": "junos 12.1x46-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.41"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.116"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.73"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.67"
},
{
"model": "junos 12.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.2"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.11"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.09"
},
{
"model": "sbr carrier 8.0.0-r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.1"
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77109.7"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf399a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "color laserjet cp3525 cc469a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.1"
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "quantum policy suite",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise color m775 series cc522a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "msr20 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "forticlient",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.614"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "asset manager 9.41.p1",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "cloudsystem enterprise software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0.2"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.6"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.57"
},
{
"model": "msr1000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.88"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "9.2-rc2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "utm manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.51"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.9"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "tivoli netcool/system service monitor fp10",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.3"
},
{
"model": "cloud server",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.16"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "system x3630m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73771.42"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "10.0.2"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.22"
},
{
"model": "fortirecorder",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.4.1"
},
{
"model": "enterprise linux long life 5.9.server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "powerlinux 7r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "vcenter chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.6"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1.0.18193"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73211.42"
},
{
"model": "telepresence mxp series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2"
},
{
"model": "infosphere balanced warehouse c4000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.123"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.7"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.2"
},
{
"model": "jetdirect ew2500 802.11b/g wireless print server j8021a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.53"
},
{
"model": "color laserjet cm4730 multifunction printer cb483a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1"
},
{
"model": "junos r2-s2",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.12"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7900.00"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.50"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.1"
},
{
"model": "client connector",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.4"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.91"
},
{
"model": "laserjet enterprise m4555 mfp ce738a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos os 12.2r9",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet cm4730 multifunction printer cb480a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "flare experience for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.2.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.4"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4"
},
{
"model": "communicator for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "lifetime key management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.20"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.12"
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02spc800",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "telepresence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70100"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "color laserjet cm4730 multifunction printer cb481a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf270a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1"
},
{
"model": "big-ip afm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.3"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet enterprise color m855 a2w78a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.15"
},
{
"model": "message networking sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2"
},
{
"model": "strm",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.26"
},
{
"model": "prime data center network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "infosphere balanced warehouse d5100",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cc v200r001c31",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "junos 13.2r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s12700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.10"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "laserjet enterprise color m775 series cc523a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.0.10648"
},
{
"model": "laserjet p4014 cb507a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenmobile app controller",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.9"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "oceanstor s5500t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.0"
},
{
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.6"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.047.8"
},
{
"model": "enterprise linux server eus 6.4.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.11"
},
{
"model": "security information and event management hf3",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1.4"
},
{
"model": "laserjet enterprise color m551 series cf083a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.2"
},
{
"model": "documentum content server sp2 p13",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "icewall sso dfw r2",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.5"
},
{
"model": "agent desktop for cisco unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet p2055 printer series ce456a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.01"
},
{
"model": "9250c digital sender cb472a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0.0"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "one-x client enablement services sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "netiq admininstration console server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1.131"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.2"
},
{
"model": "sparc m10-4",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "junos 13.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "3.5"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7100"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet enterprise color m855 a2w79a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0-76.7"
},
{
"model": "bbm for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "0"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.4"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "documentum content server sp2 p14",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.3.8.3"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.1"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tivoli endpoint manager for remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8721"
},
{
"model": "color laserjet m651 cz257a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "laserjet enterprise m4555 mfp ce502a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "vsphere virtual disk development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "ive os 8.0r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system storage ts2900 tape librray",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "0033"
},
{
"model": "laserjet enterprise m4555 mfp ce504a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.9"
},
{
"model": "ecns600 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0-77.5"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.2.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.3"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.3"
},
{
"model": "laserjet p3005 printer series q7816a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "jabber voice for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.6"
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "unified ip conference phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "project openssl 1.0.0e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos os 12.1x46-d25",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet p4515 cb516a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.172"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "aura application server sip core pb19",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "bladecenter js22",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7998-61x)0"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.15"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.65"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.41"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.5"
},
{
"model": "8.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "infosphere balanced warehouse c3000",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.6"
},
{
"model": "esxi",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "junos 12.3r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx7800",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "uacos c5.0",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "strm/jsa",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "junos 12.3r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "z/tpf",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.10"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.40"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.1"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "laserjet enterprise color mfp m880 d7p70a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "laserjet p4515 cb514a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.2.0.9"
},
{
"model": "puredata system for operational analytics a1791",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "dsm v100r002c05spc615",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.55"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78361.42"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "fortirecorder",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.5"
},
{
"model": "project openssl 0.9.8t",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos insight standalone fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "bladecenter js23",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.5"
},
{
"model": "hosted collaboration mediation fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.0"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "msa storage gl200r007",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2040"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "icewall sso certd r3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "command view server based management",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.3.2"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "laserjet printer series q7697a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.161"
},
{
"model": "storevirtual vsa software",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "12.5"
},
{
"model": "paging server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.6"
},
{
"model": "fortigate",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.5"
},
{
"model": "data ontap smi-s agent",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.2"
},
{
"model": "9500e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "ace application control engine module ace20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m712 series cf235a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "fortisandbox build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "1.3.086"
},
{
"model": "hyperdp oceanstor n8500 v200r001c09",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.4"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "23.0.1271.94"
},
{
"model": "agent desktop for cisco unified contact center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0.31"
},
{
"model": "dgs-1210-28p",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.043"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.75"
},
{
"model": "color laserjet m680 cz248a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.91"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "ape",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "hyperdp v200r001c91spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x330073820"
},
{
"model": "asset manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "unified attendant console",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "dsr-500 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3-64.4"
},
{
"model": "s3900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "oceanstor s5600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.19"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "enterprise linux server eus 6.3.z",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "6.0"
},
{
"model": "junos 10.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.10.140.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.32"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.5"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "laserjet p3005 printer series q7814a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "ace application control engine module ace10",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v110.1"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "20"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "36100"
},
{
"model": "ive os 7.4r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.21"
},
{
"model": "hi switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.7"
},
{
"model": "laserjet enterprise m4555 mfp ce503a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "msr9xx family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.1"
},
{
"model": "nsx for multi-hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.1.2"
},
{
"model": "laserjet printer series q7698a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.63"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos os 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp07",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4"
},
{
"model": "msr30 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "scale out network attached storage",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.3"
},
{
"model": "smart update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.3.1"
},
{
"model": "manageone v100r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.4"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463011.5"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087330"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.20"
},
{
"model": "esight-ewl v300r001c10spc300",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ave2000 v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet enterprise cp4525 cc493a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.22"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.2"
},
{
"model": "websphere datapower b2b appliance xb62",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "laserjet multifunction printer series q3726a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.290.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.82"
},
{
"model": "color laserjet cp4005 printer series cb504a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "46.230.6"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.1"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.1"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.0.74.4"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos space 12.3p2.8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.85"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.60"
},
{
"model": "pulse desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "rational insight ifix1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "fortios",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.12"
},
{
"model": "tivoli workload scheduler distributed fp02",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "telepresence integrator c series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "laserjet m4345 multifunction printer cb425a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "8.4-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.1"
},
{
"model": "laserjet enterprise m602 series ce991a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "malware analysis appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1.2"
},
{
"model": "usg9300 v200r001c01sph902",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.126.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "anyoffice v200r002c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "43000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "60000"
},
{
"model": "color laserjet flow m680 ca251a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.4"
},
{
"model": "splunk",
"scope": "ne",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.9"
},
{
"model": "cacheflow",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "2.0"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.1"
},
{
"model": "bbm for android",
"scope": "ne",
"trust": 0.3,
"vendor": "rim",
"version": "2.2.1.40"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "13.10"
},
{
"model": "virtual automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.68"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.0.0"
},
{
"model": "color laserjet enterprise cp4025 cc490a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.34"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.50"
},
{
"model": "color laserjet multifunction printer series cb481a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "laserjet printer series q7545a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "junos 13.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2143"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19100"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.1"
},
{
"model": "usg9500 usg9500 v300r001c20",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet printer series q5406a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "espace u2990 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "forticlient build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0591"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.34"
},
{
"model": "studio",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.60"
},
{
"model": "aura conferencing sp1 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "laserjet enterprise mfp m525f cf116a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "color laserjet cp3525 cc468a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2"
},
{
"model": "telepresence isdn gw",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32410"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.2.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.10"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.6"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.62"
},
{
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x310054570"
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.3"
},
{
"model": "9.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.4.0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.8"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.4"
},
{
"model": "telepresence ex series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "one-x mobile ces for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "junos os 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59200"
},
{
"model": "security analytics platform",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1.3"
},
{
"model": "oceanstor s6800t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "manageone v100r001c02 spc901",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 11.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2"
},
{
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.20"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.6"
},
{
"model": "junos 12.1x45-d20",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "system x3500m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78391.42"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.2"
},
{
"model": "oceanstor s2600t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet cp5525 ce707a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux els",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3500-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.26"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.13"
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "11.00"
},
{
"model": "color laserjet cm6030 multifunction printer ce664a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "isoc v200r001c02spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "psb email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "9.20"
},
{
"model": "color laserjet cp3525 cc471a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "9.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "35.0.1916.155"
},
{
"model": "ons series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154000"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.2"
},
{
"model": "unified intelligent contact management enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space r1.8",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.4"
},
{
"model": "webapp secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "anyconnect secure mobility client for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.11"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.70"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "8.3"
},
{
"model": "aura system manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "policy center v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087180"
},
{
"model": "laserjet enterprise p3015 ce526a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.50"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.14"
},
{
"model": "junos 12.3r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.4"
},
{
"model": "color laserjet cp6015 q3934a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.170"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v3700-"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.92"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "88704.76.0"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "updatexpress system packs installer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.60"
},
{
"model": "campaign",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "5.0"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.6.0"
},
{
"model": "video surveillance 4300e/4500e high-definition ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smart update manager",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.4.1"
},
{
"model": "director",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.21"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x638370"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.85"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0"
},
{
"model": "color laserjet multifunction printer series cb480a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "vm virtualbox 4.2.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "oracle",
"version": null
},
{
"model": "color laserjet cm4540 mfp cc421a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.50"
},
{
"model": "color laserjet multifunction printer series cb482a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.16"
},
{
"model": "sdn for virtual environments",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "laserjet multifunction printer series q3944a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3"
},
{
"model": "jabber video for ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 12.1x44-d26",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos os 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "12.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.51"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.8"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8.5"
},
{
"model": "jboss enterprise application platform",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.2"
},
{
"model": "junos 10.4r14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1"
},
{
"model": "laserjet printer series q5403a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.56"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "webex connect client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "8.0.552.343"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.12"
},
{
"model": "color laserjet printer series q5982a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.4"
},
{
"model": "junos pulse 4.0r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.12"
},
{
"model": "cognos planning fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "junos -d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "p2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1810v10"
},
{
"model": "fortiauthenticator",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.28"
},
{
"model": "junos space 13.1r1.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.1"
},
{
"model": "junos 10.0s25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 10.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "email and server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "10.00"
},
{
"model": "system dx360m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73251.42"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.13"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "softco v200r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.52"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.3"
},
{
"model": "color laserjet cm6040 multifunction printer q3939a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.18"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.28"
},
{
"model": "junos 10.4r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.1"
},
{
"model": "vsphere storage appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1.3"
},
{
"model": "laserjet p4015 cb511a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2.0"
},
{
"model": "security access manager for mobile",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.1"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.17"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.18"
},
{
"model": "junos 12.3r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.36"
},
{
"model": "agile controller v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "nip2000\u00265000 v100r002c10hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tapi service provider",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.29"
},
{
"model": "datafort s-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.4"
},
{
"model": "core",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "junos r5",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66020"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "management center",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2.1.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf274a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "telepresence isdn gw mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83210"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "smc2.0 v100r002c01b017sp16",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0"
},
{
"model": "blackberry link",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "1.2"
},
{
"model": "msr20-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.77"
},
{
"model": "8.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura conferencing standard",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.17"
},
{
"model": "one-x mobile ces for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.4"
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "54541.42"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.7"
},
{
"model": "physical access gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system m5 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x325054580"
},
{
"model": "cognos insight standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.2"
},
{
"model": "session border controller enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.4"
},
{
"model": "junos 11.4r5-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ive os 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "89410"
},
{
"model": "project openssl 0.9.8u",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "isoc v200r001c01spc101",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "prime network registrar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.36"
},
{
"model": "junos os 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2.0"
},
{
"model": "fortiweb",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.3.1"
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.3.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.114"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8.106"
},
{
"model": "lifetime key management software",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "security access manager for web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "vcenter converter standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.1"
},
{
"model": "color laserjet cm4730 multifunction printer cb482a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "50.286.1"
},
{
"model": "10.0-beta",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.22"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "horizon workspace server gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "documentum content server p06",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.89"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "junos 12.1r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "prime network analysis module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6"
},
{
"model": "project openssl 1.0.1e",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.56"
},
{
"model": "laserjet multifunction printer series q3945a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43459.310.2"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.15"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "executive scorecard",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.5"
},
{
"model": "bladesystem c-class onboard administrator",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.21"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.14"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.4"
},
{
"model": "isoc v200r001c00spc202",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "60000"
},
{
"model": "one-x client enablement services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "small business isa500 series integrated security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.1"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.21"
},
{
"model": "netiq identity server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "color laserjet enterprise cp4525 cc495a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "junos 12.3r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.80"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.5.2"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.9.107"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.28"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "systems insight manager 7.3.0a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-23x)0"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "laserjet enterprise mfp m630 series b3g84a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.4"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.2"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5"
},
{
"model": "arubaos",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "88310"
},
{
"model": "vcsa",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "color laserjet enterprise m750 d3l10a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.27"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.170"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.1"
},
{
"model": "idp 4.1r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "horizon workspace client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "cognos business intelligence server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.20"
},
{
"model": "big-iq device",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.2"
},
{
"model": "laserjet m3035 multifunction printer cc476a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "laserjet enterprise flow m830z mfp cf367a 2302963 436071",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "usg9500 usg9500 v300r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "power",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5750"
},
{
"model": "one-x client enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "config advisor",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "color laserjet cm4540 mfp cc420a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "color laserjet enterprise cp4525 cc494a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "laserjet enterprise mfp m725 cf067a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "color laserjet printer series q7492a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.9"
},
{
"model": "eucalyptus",
"scope": "eq",
"trust": 0.3,
"vendor": "eucalyptus",
"version": "4.0"
},
{
"model": "tandberg codian mse model",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "83200"
},
{
"model": "uma v200r001c00spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet m680 cz249a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet m3035 multifunction printer cc477a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "isoc v200r001c00",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "3000"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.1.0"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "fortimanager",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.12"
},
{
"model": "forticlient",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.10"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.22"
},
{
"model": "eupp v100r001c10spc002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "10"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.0"
},
{
"model": "websphere datapower low latency appliance xm70",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.15"
},
{
"model": "project openssl 0.9.8m",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "cognos insight standalone fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.1"
},
{
"model": "oncommand balance",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "f1000a and s family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "stunnel",
"scope": "ne",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.02"
},
{
"model": "u200a and m family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.57"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.6"
},
{
"model": "flex system fc5022",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "850/8700"
},
{
"model": "officejet enterprise color c2s12a 2302963 436074",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x555"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.7"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "storwize",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70000"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5.2.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.11"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.2"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "oceanstor s5500t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "videoscape anyres live",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.66"
},
{
"model": "junos d20",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x46"
},
{
"model": "color laserjet cm4540 mfp cc419a 2302963 436067",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.3"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.31"
},
{
"model": "vcenter converter standalone",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "infosphere master data management patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.4"
},
{
"model": "hsr6602 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "wag310g wireless-g adsl2+ gateway with voip",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "documentum content server p07",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.44"
},
{
"model": "security threat response manager",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2012.1"
},
{
"model": "jabber for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "unified wireless ip phone series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "29200"
},
{
"model": "one-x mobile for blackberry",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.5"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.50"
},
{
"model": "9.0-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.14"
},
{
"model": "laserjet m4345 multifunction printer cb425a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.6"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.07"
},
{
"model": "storevirtual 1tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "ida pro",
"scope": "eq",
"trust": 0.3,
"vendor": "hex ray",
"version": "6.5"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "31.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.8"
},
{
"model": "junos space 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "upward integration modules for vmware vsphere",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.44"
},
{
"model": "prime optical for sps",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.22"
},
{
"model": "9.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "color laserjet m651 cz255a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "51200"
},
{
"model": "scanjet enterprise document capture workstation l2717a 2302963 436065",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8500"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.19"
},
{
"model": "laserjet p4015 cb510a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.5"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.99"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.168"
},
{
"model": "icewall sso agent option",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.02007"
},
{
"model": "cloudsystem foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0.2"
},
{
"model": "9.0-rc3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 13.3r2-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.41"
},
{
"model": "junos 12.1r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network intrusion prevention system gx4004-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.1"
},
{
"model": "vcd",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6.2"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3850x638370"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "smart call home",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "elan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "8.3.3"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.1"
},
{
"model": "project openssl beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.3"
},
{
"model": "laserjet enterprise color mfp m575dn cd645a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42511.42"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.3"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.0"
},
{
"model": "laserjet enterprise m806 cz245a 2302963 436075",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "fortimanager",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.4"
},
{
"model": "suse core for",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9x86"
},
{
"model": "ecns610 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "sdk for node.js",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.0.3"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "junos 13.2r5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "documentum content server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "horizon workspace server data",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0.1025308"
},
{
"model": "9.0-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.81"
},
{
"model": "storage encryption",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.4"
},
{
"model": "laserjet m3027 multifunction printer cb416a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433511.5"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0.1700.99"
},
{
"model": "junos 12.3r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.108"
},
{
"model": "xenclient enterprise",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "laserjet enterprise mfp m630 series b3g84a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "netscaler ipmi/lom interface",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "8.4-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "msr20 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "colorqube ps",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "85704.76.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.9"
},
{
"model": "oceanstor s6800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "color laserjet m680 cz249a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.62"
},
{
"model": "servicecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.2"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.30"
},
{
"model": "sparc m10-4s",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "fortiauthenticator build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.1.060"
},
{
"model": "laserjet enterprise m601 series ce990a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "129000"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "vcenter support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.14"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0"
},
{
"model": "sbr carrier 7.6.0-r10",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.56"
},
{
"model": "hsr6800 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet printer series q7552a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "scanjet enterprise document capture workstation l2717a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "85000"
},
{
"model": "project openssl 0.9.8m beta1",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.39"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.0"
},
{
"model": "bladecenter js23/js43",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7778-23x)0"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.185"
},
{
"model": "security network intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.2"
},
{
"model": "project openssl 0.9.8q",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.11"
},
{
"model": "laserjet printer series q3721a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "flex system fabric en4093 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.5"
},
{
"model": "manageone v100r002c10 spc320",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.10"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "svn2200 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational application developer for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.1"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1"
},
{
"model": "secblade iii",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "safe profile",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "jabber software development kit",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.79"
},
{
"model": "junos 13.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "laserjet m5035 multifunction printer q7830a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "jetdirect 640n eio card j8025a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "45.35"
},
{
"model": "junos 13.2r5",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storwize unified",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "v70001.4"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.2"
},
{
"model": "vdi-in-a-box",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.4"
},
{
"model": "itbm standard",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.00"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-467"
},
{
"model": "color laserjet cp3525 cc469a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 13.1r4-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.11"
},
{
"model": "fortivoiceos build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "3.0.3165"
},
{
"model": "laserjet enterprise color m551 series cf082a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "secure analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "2013.2"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.4"
},
{
"model": "eupp v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2"
},
{
"model": "security network intrusion prevention system gx6116",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "flex system fabric si4093 system interconnect module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.17"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "laserjet printer series q3722a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.00"
},
{
"model": "junos pulse 5.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.14"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.22"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13000"
},
{
"model": "enterprise linux eus 5.9.z server",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.7.3"
},
{
"model": "laserjet p4515 cb516a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.3"
},
{
"model": "uma-db v2r1coospc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "security information and event management hf6",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.2.2"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.2"
},
{
"model": "project openssl 0.9.8g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "telepresence exchange system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "datafort management console",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "cms r17",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "usg9300 usg9300 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.05"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2"
},
{
"model": "f1000e family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.113"
},
{
"model": "laserjet enterprise m601 series ce989a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "sterling file gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "oncommand unified manager core package 5.2.1p1",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.0"
},
{
"model": "junos 11.4r6.6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.40"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "19200"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3"
},
{
"model": "color laserjet cm4540 mfp cc419a",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7600-"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.3"
},
{
"model": "vsphere replication",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6"
},
{
"model": "espace u2990 v200r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.1"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.01"
},
{
"model": "big data extensions",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.1"
},
{
"model": "storevirtual 3tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos space 12.3r1.3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dsr-1000n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.19"
},
{
"model": "junos 11.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "svn5500 v200r001c01spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr50 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0.1055"
},
{
"model": "laserjet m5025 multifunction printer q7840a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "flex system p260 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-22x)0"
},
{
"model": "tivoli netcool/system service monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.2"
},
{
"model": "jabber voice for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "onepk all-in-one vm",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "idp 4.2r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "virtuozzo containers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "4.7"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "junos 12.1r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise m603 series ce994a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "vsphere support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.37"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.2"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "laserjet enterprise m806 cz245a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "color laserjet printer series q7493a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "msr50 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.0"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.61"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "tivoli netcool/system service monitor fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.41"
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.6"
},
{
"model": "8.4-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "junos 10.0s28",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.9"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "isoc v200r001c02",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "9000"
},
{
"model": "aura system manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.1"
},
{
"model": "color laserjet enterprise cp4525 cc493a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "10.0-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.4"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.1"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.4.2"
},
{
"model": "ddos secure",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "utm",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.40"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.07"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1183.0"
},
{
"model": "ip office server edition",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ssl visibility",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.7"
},
{
"model": "fortigate build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.18"
},
{
"model": "junos os 12.3r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cms r17 r3",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "horizon workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "websphere datapower b2b appliance xb62",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.1.3"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.10"
},
{
"model": "color laserjet cm6030 multifunction printer ce665a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.16"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.79"
},
{
"model": "manageability sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.13"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "security network intrusion prevention system gx5108",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fortiwifi",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "vcenter server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "vix api",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.12"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.16"
},
{
"model": "junos 5.0r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "fortiap",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "tivoli workload scheduler for applications",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.03"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.33"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.2.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.9"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "6.4"
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "3.3"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "i v5r3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "vsphere replication",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.02"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.1.3"
},
{
"model": "uacos c5.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise p3015 ce525a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "junos 13.1r.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex messenger service",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.6"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.152"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.2"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.6"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3100v20"
},
{
"model": "laserjet p2055 printer series ce459a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "color laserjet cm4730 multifunction printer cb483a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.3"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.196.4"
},
{
"model": "real-time compression appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.203"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8x"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.23"
},
{
"model": "logcenter v200r003c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "dynamic system analysis",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.61"
},
{
"model": "dgs-1210-28",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.012"
},
{
"model": "ssl vpn 7.4r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.20"
},
{
"model": "laserjet enterprise m601 series ce989a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "telepresence supervisor mse",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "80500"
},
{
"model": "initiate master data service provider hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.3.0.13725"
},
{
"model": "infosphere master data management server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "11.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.11"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.152"
},
{
"model": "color laserjet printer series q7534a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "horizon workspace client for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.8.1"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.51"
},
{
"model": "rational build forge",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "netiq access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "4.0"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7893"
},
{
"model": "big-ip psm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.4"
},
{
"model": "s7700\u0026s9700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "netiq access manager",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "3.2"
},
{
"model": "application networking manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "command view for tape libraries",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "sparc enterprise m8000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "oceanstor s2600t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise color mfp m575dn cd645a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "junos 12.1x45-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "project openssl 1.0.1h",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.2"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.4"
},
{
"model": "9.2-rc1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.0"
},
{
"model": "msr30-16 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "fortiwifi build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "laserjet enterprise color m855 a2w77a 2302963 436076",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.4"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.01"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.3"
},
{
"model": "telepresence video communication server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "cloudsystem chargeback",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.10"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.2354"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.3"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.0"
},
{
"model": "aura application server sip core pb3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.3"
},
{
"model": "netiq access gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.2"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.1"
},
{
"model": "security threat response manager 2012.1r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99710"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "laserjet m3027 multifunction printer cc479a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "sparc enterprise m3000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0"
},
{
"model": "enterprise linux long life server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.6"
},
{
"model": "laserjet enterprise mfp m525f cf117a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.134.14"
},
{
"model": "management center",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.0"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0.0.3"
},
{
"model": "junos 11.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ata analog telephone adaptor",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1870"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.2"
},
{
"model": "project openssl 1.0.0b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4"
},
{
"model": "fortimail",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.7"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.2"
},
{
"model": "expressway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.4"
},
{
"model": "storage management initiative specification providers fo",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "57100"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "msr30-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.15"
},
{
"model": "proventia network security controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1209"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.79"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.04"
},
{
"model": "junos 11.4r5.5",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "cognos business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.4.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.74"
},
{
"model": "laserjet enterprise p3015 ce595a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet p4515 cb514a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.1.2"
},
{
"model": "smartcloud entry",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.03"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.2"
},
{
"model": "aura system manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "sterling connect:direct",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.070.5"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.1.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.11"
},
{
"model": "security information and event management ga",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.4.0"
},
{
"model": "junos 11.4r12-s1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.2.4"
},
{
"model": "family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "125000"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.2"
},
{
"model": "8.4-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.55"
},
{
"model": "officejet enterprise color c2s11a 2302963 436074",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x555"
},
{
"model": "web appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.9.0.0"
},
{
"model": "tsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.12"
},
{
"model": "msr30-16 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "imc ead",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.31"
},
{
"model": "laserjet m5035 multifunction printer q7829a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "fortios b064",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "2.1.5-1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.12"
},
{
"model": "mysql",
"scope": "ne",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.20"
},
{
"model": "laserjet p4015 cb509a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "usg9500 v300r001c20sph102",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x353071600"
},
{
"model": "initiate master data service patient hub",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "laserjet m3035 multifunction printer cb414a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.25"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4x27.43"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.13"
},
{
"model": "asa cx context-aware security",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet cp5525 ce709a 2302963 436070",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "horizon workspace client for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7"
},
{
"model": "project openssl 1.0.1d",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.52"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.5"
},
{
"model": "unified im and presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos 11.4r7-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "junos d10",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x47"
},
{
"model": "security network intrusion prevention system gv200",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "laserjet enterprise color mfp m880 a2w75a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "elog v100r003c01spc503",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.3"
},
{
"model": "system storage ts3400 tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0040"
},
{
"model": "telepresence server on multiparty media",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3100"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.40"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087520"
},
{
"model": "flex system fabric en4093r 10gb scalable switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.8.4.0"
},
{
"model": "s5900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "scanjet enterprise document capture workstation l2719a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "85000"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0"
},
{
"model": "s6900 v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7.3"
},
{
"model": "storevirtual hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.5"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.1"
},
{
"model": "storevirtual 3tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "junos 12.1r11",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "fusionsphere v100r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.5"
},
{
"model": "websphere datapower soa appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.015"
},
{
"model": "tsm v100r002c07spc219",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vma san gateway g5.5.1.3",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.4.0.14619"
},
{
"model": "one-x mobile lite for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.173"
},
{
"model": "smartcloud provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3"
},
{
"model": "system dx360m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "63911.42"
},
{
"model": "espace iad v300r002c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "sterling connect:direct",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.4"
},
{
"model": "documentum content server sp1 p28",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.24"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "prime collaboration provisioning",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5"
},
{
"model": "real-time compression appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.8"
},
{
"model": "security network intrusion prevention system gx7412-10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "fortianalyzer",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.45"
},
{
"model": "arubaos",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.4.1.0"
},
{
"model": "cognos express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.5"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "color laserjet cp6015 q3931a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "9.2-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.1"
},
{
"model": "laserjet p3005 printer series q7815a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "datafort fc-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1.0.9"
},
{
"model": "vcac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "vcenter site recovery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7200"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet printer series q5408a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r003",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "xiv storage system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "281011.3"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "4210g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53003.0"
},
{
"model": "aura application server sip core pb25",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.4"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.8"
},
{
"model": "junos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "14.1"
},
{
"model": "laserjet enterprise m603 series ce995a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.118"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79000"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.88"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.3"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.95"
},
{
"model": "tivoli netcool/system service monitor fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura experience portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "hyperdp v200r001c09spc501",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "ei switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "nsx for multi-hypervisor",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0.3"
},
{
"model": "toolscenter suite",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x355079140"
},
{
"model": "integrated lights out manager",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.3"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "9.203"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.1.1"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "telepresence",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "13100"
},
{
"model": "project openssl 1.0.1b",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "project openssl 1.0.0k",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "laserjet enterprise mfp m725 cf069a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura system platform sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.10"
},
{
"model": "laserjet printer series q7784a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42408.250.2"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "59000"
},
{
"model": "project metasploit framework",
"scope": "ne",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.3"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.0"
},
{
"model": "usg2000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.86"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "3.1.12"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.3.3"
},
{
"model": "aura conferencing",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "project metasploit framework",
"scope": "eq",
"trust": 0.3,
"vendor": "metasploit",
"version": "4.9.2"
},
{
"model": "cloudsystem enterprise software",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "75000"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura system platform sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "watson explorer security",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.2"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "junos r12",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "websphere datapower low latency appliance xm70",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.4"
},
{
"model": "9.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "epolicy orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.6.7"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "laserjet enterprise mfp m725 cf068a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.59"
},
{
"model": "laserjet enterprise mfp m725 cf068a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10500"
},
{
"model": "flare experience for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1.3"
},
{
"model": "laserjet enterprise color mfp m575dn cd644a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "junos os 14.1r1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "8.4-release-p7",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "operations analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "color laserjet cp3505 printer series cb442a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.2"
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.1"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.32"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.42"
},
{
"model": "big-ip pem",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "aura utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "e-business suite 11i",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "11.5.10.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.6"
},
{
"model": "laserjet printer series q5400a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.1"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087220"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.2.0"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3"
},
{
"model": "laserjet printer series q7546a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "command view for tape libraries",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.8"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.1"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet printer series q7547a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "svn5500 v200r001c01hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.01"
},
{
"model": "rox",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "22.6"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "9.0"
},
{
"model": "power ps701",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "color laserjet m651 cz256a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.012"
},
{
"model": "agent desktop for cisco unified contact center enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.8"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.3"
},
{
"model": "oceanstor s5500t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet enterprise mfp m725 cf066a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1"
},
{
"model": "laserjet enterprise mfp m630 series b3g85a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x1.0.1"
},
{
"model": "aura messaging sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "telepresence profile series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.3"
},
{
"model": "espace iad v300r001c07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "3.4"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "laserjet enterprise color m775 series cf304a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7000"
},
{
"model": "9.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.5"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.119"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.2"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "laserjet printer series q5402a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "42508.250.2"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.7"
},
{
"model": "msr30-1x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "vcloud networking and security",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.2"
},
{
"model": "color laserjet printer series q7491a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "4510g switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.5"
},
{
"model": "laserjet m3035 multifunction printer cb414a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "dsr-1000 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "operations automation",
"scope": "eq",
"trust": 0.3,
"vendor": "parallels",
"version": "5.0"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.4"
},
{
"model": "aura application server sip core",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.1"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.5"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.6.2"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.9"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.1"
},
{
"model": "one-x mobile lite for iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "documentum content server sp2 p16",
"scope": "ne",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "sparc enterprise m5000 xcp",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1117"
},
{
"model": "project openssl 1.0.0a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x44-d15",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.4"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.2"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "laserjet enterprise color mfp m575dn cd644a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "network connect",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.0.12875"
},
{
"model": "power system s822",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "network connect 8.0r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-21"
},
{
"model": "junos pulse for android",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.22"
},
{
"model": "system x3550m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79441.42"
},
{
"model": "sterling connect:express for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.5.0.9"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "proactive network operations center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1.0.2"
},
{
"model": "project openssl 0.9.8f",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.40"
},
{
"model": "airwave",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.2.2"
},
{
"model": "vfabric application director",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.2"
},
{
"model": "color laserjet printer series q5981a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "enterprise virtualization",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "junos 11.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "malware analysis appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "ip video phone e20",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.2.2"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "blackberry enterprise service",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.2.6"
},
{
"model": "junos 10.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5.4.4"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.5"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "mate products",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.2"
},
{
"model": "websphere datapower xml accelerator xa35",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.0.8"
},
{
"model": "project openssl 1.0.1a",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cz195a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "integrity sd2 cb900s i2 and i4 server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.7.98"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.010"
},
{
"model": "flex system p260",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.4"
},
{
"model": "storevirtual 4tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "3.1.9"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.37"
},
{
"model": "pulse desktop 4.0r11.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "srg1200\u00262200\u00263200 v100r002c02hp0001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "laserjet p4015 cb510a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.1.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.2"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6"
},
{
"model": "security network intrusion prevention system gx3002",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.8"
},
{
"model": "sterling connect:enterprise for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.4"
},
{
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "ive os 7.4r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 13.3r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "56000"
},
{
"model": "puredata system for hadoop",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.00"
},
{
"model": "utm manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.29"
},
{
"model": "laserjet printer series q7699a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "messaging secure gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.5"
},
{
"model": "junos 12.1x44-d35",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.5"
},
{
"model": "jabber guest",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.23"
},
{
"model": "m220 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.03"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "77009.7"
},
{
"model": "8.4-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0.2"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "unified agent",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "58300"
},
{
"model": "jetdirect 695n eio card j8024a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.2"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "laserjet printer series q5410a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "43508.250.2"
},
{
"model": "espace u19** v100r001c10",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data recovery",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "content security management appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3.1"
},
{
"model": "uma v200r001c00spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.9.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "1.0"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x350073830"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.6"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.3"
},
{
"model": "image construction and composition tool",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.3.1.0"
},
{
"model": "idatplex dx360 m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79120"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.21"
},
{
"model": "cms r16",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.4"
},
{
"model": "telepresence content server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet m651 cz256a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "oceanstor s6800t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system platform sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "project openssl 0.9.8w",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos 12.1x47-d10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fortisandbox",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.12"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.121"
},
{
"model": "digital media players series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44000"
},
{
"model": "vdi communicator",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0.1"
},
{
"model": "color laserjet printer series q7494a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "470046.230.6"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "119000"
},
{
"model": "secure analytics 2014.2r3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "power ps704 blade",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7891-74x)0"
},
{
"model": "storevirtual 450gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.120"
},
{
"model": "flashsystem 9843-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "laserjet enterprise mfp m725 cf067a 2302963 436078",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "laserjet enterprise p3015 ce525a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "nsx for vsphere",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.4"
},
{
"model": "junos 13.1r3-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.24"
},
{
"model": "project openssl 1.0.1g",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "big-ip edge clients for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "7101"
},
{
"model": "tivoli composite application manager for transactions",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.4"
},
{
"model": "netscaler build",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.157.3"
},
{
"model": "laserjet cm3530 multifunction printer cc519a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "laserjet enterprise m4555 mfp ce738a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.48"
},
{
"model": "horizon workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "storevirtual 600gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413012.6"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.9"
},
{
"model": "ips",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "espace usm v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "idp series",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "laserjet enterprise p3015 ce527a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "laserjet enterprise p3015 ce526a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "13.1"
},
{
"model": "storevirtual 1tb mdl sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "oncommand unified manager core package",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5"
},
{
"model": "tivoli netcool/system service monitor fp12",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "watson explorer",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.4"
},
{
"model": "laserjet enterprise mfp m630 series b3g86a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system storage ts3400 tape library",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "0042"
},
{
"model": "email security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "junos 12.3r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.143"
},
{
"model": "nexus switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31640"
},
{
"model": "laserjet m3035 multifunction printer cb415a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "messagesight server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "ive os 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 11.4r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "fusionsphere v100r003c10spc600",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "msr93x family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.47"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.2"
},
{
"model": "color laserjet multifunction printer series q7520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "telepresence advanced media gateway series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "airwave",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "7.7.12"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.0"
},
{
"model": "flashsystem 9846-ae1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "840"
},
{
"model": "tivoli workload scheduler distributed fp03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.6.0"
},
{
"model": "smc2.0 v100r002c01b025sp07",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "s2700\u0026s3700 v100r006",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "project openssl 0.9.8r",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "espace cc v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "9250c digital sender cb472a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.293.1"
},
{
"model": "protection service for email",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.1"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.31"
},
{
"model": "laserjet enterprise color mfp m880 d7p71a 2302963 436068",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "800"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.8"
},
{
"model": "netezza diagnostic tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1.0"
},
{
"model": "laserjet m4345 multifunction printer cb427a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.21"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.1.68.7"
},
{
"model": "elan",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "8.2"
},
{
"model": "isoc v200r001c01",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "5000"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5"
},
{
"model": "ds8870",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "laserjet enterprise color m855 a2w77a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473011.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.81"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.2.15"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.2.2"
},
{
"model": "dgs-1500-28",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "3par service processor sp-4.2.0.ga-29.p003",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 12.1x44-d40",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s7-1500",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "project openssl beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.0"
},
{
"model": "esight-ewl v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "hyperdp oceanstor n8500 v200r001c91",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "virtual tape library",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.70"
},
{
"model": "storevirtual hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "cloud service automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.01"
},
{
"model": "project openssl 1.0.0l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "general parallel file system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.0"
},
{
"model": "color laserjet multifunction printer series q7518a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.13"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "laserjet printer series q7544a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52008.241"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3"
},
{
"model": "laserjet enterprise m4555 mfp ce502a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "oic v100r001c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos space 13.1p1.14",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "dgs-1210-20",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "4.00.041"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.2"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.3"
},
{
"model": "icewall sso dfw certd",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "spa300 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "laserjet enterprise m603 series ce996a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.9"
},
{
"model": "cit",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.2"
},
{
"model": "color laserjet cp6015 q3932a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "content analysis system software",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1.53"
},
{
"model": "horizon workspace client for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "via for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "2.0.0"
},
{
"model": "upward integration modules for microsoft system center",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.5"
},
{
"model": "color laserjet printer series q5983a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "380046.80.8"
},
{
"model": "junos 11.4r9-s1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 0.9.8p",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "telepresence isdn link",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "sbr enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "6.10"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.23"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.6"
},
{
"model": "big-ip aam",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.05"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "5.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.4"
},
{
"model": "storevirtual fc 900gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.19"
},
{
"model": "tivoli storage productivity center fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.14"
},
{
"model": "sterling connect:enterprise for unix ifix03",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.5.0.3"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7300"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "officejet enterprise color mfp b5l04a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "sterling connect:direct for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.5.01"
},
{
"model": "snapdrive for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.5"
},
{
"model": "via for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "2.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.17"
},
{
"model": "pulse desktop 5.0r3.1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.06"
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.3.61.5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.115"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1.2"
},
{
"model": "junos 5.0r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9.1"
},
{
"model": "fortios build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.2.0589"
},
{
"model": "virtualization experience media engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jetdirect 620n eio card j7934g",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "29.26"
},
{
"model": "junos 10.0s18",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scanjet enterprise document capture workstation l2719a 2302963 436065",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8500"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.33"
},
{
"model": "jabber im for android",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "systems insight manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.12"
},
{
"model": "small cell factory recovery root filesystem",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.99.4"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.45"
},
{
"model": "cognos tm1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.2.0.2"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.31"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "flex system enterprise chassis",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8724"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.78"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "cerberus",
"version": "7.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.0"
},
{
"model": "color laserjet flow m680 ca251a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x365079150"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x3-22.0.6.2.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.4"
},
{
"model": "storevirtual china hybrid storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.3.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.10"
},
{
"model": "espace vtm v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "spa122 ata with router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos 10.4r",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.15"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "config manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.6"
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "6.0.3"
},
{
"model": "storevirtual fc 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "websphere datapower soa appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.0.6"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.00"
},
{
"model": "infosphere guardium",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "ssl vpn 8.0r4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.4"
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "5.5"
},
{
"model": "project openssl 1.0.1c",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "32.0"
},
{
"model": "spa525 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "data ontap smi-s agent",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.4.0.15"
},
{
"model": "cp1543-1",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1.1.25"
},
{
"model": "laserjet m9050 multifunction printer cc395a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "51.256.1"
},
{
"model": "ive os 7.4r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.41"
},
{
"model": "laserjet enterprise color m551 series cf081a 2302963 436083",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "advanced settings utility",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.52"
},
{
"model": "msr30 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8v"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.0"
},
{
"model": "color laserjet enterprise m750 d3l10a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "color laserjet cp3505 printer series cb443a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "3.160.2"
},
{
"model": "laserjet enterprise m601 series ce990a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "proxysg sgos",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.2.15.6"
},
{
"model": "algo audit and compliance",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.54"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x357087330"
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.3.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.30"
},
{
"model": "utm",
"scope": "ne",
"trust": 0.3,
"vendor": "sophos",
"version": "9.113"
},
{
"model": "espace u2980 v100r001c02",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.3.9"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3"
},
{
"model": "service delivery manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.4"
},
{
"model": "color laserjet printer series q7536a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "300046.80.2"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.0"
},
{
"model": "identity service engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "jsa 2014.2r2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.2"
},
{
"model": "9.2-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.177"
},
{
"model": "s12700 v200r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "snapdrive for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.35"
},
{
"model": "8.4-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "oceanstor s2200t v100r005",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.1"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3950x571431.43"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0"
},
{
"model": "hsr6602 russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.18"
},
{
"model": "cognos metrics manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "10.1.1"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1.1"
},
{
"model": "laserjet enterprise color m775 series cc524a 2302963 436079",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "s7-1500",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.23"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v39.7"
},
{
"model": "s2900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "ne",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.10"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0.21"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.32"
},
{
"model": "email security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "datafort common criteria fc-series",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "junos 11.4r7-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.20"
},
{
"model": "pulse desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.38"
},
{
"model": "usg5000 v300r001c10spc200",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.7"
},
{
"model": "ovf tool",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5.1"
},
{
"model": "storevirtual china hybrid san solution",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433512.0"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.1"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "message networking sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.1"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.00"
},
{
"model": "chargeback manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.7.3"
},
{
"model": "laserjet enterprise flow m830z mfp cf367a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "officejet enterprise color mfp b5l07a 2302963 436066",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "x585"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.0"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.2"
},
{
"model": "power express",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7500"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2.5.0.15"
},
{
"model": "junos 12.1x45-d25",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet m4345 multifunction printer cb428a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.8"
},
{
"model": "junos 13.2r3",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.4"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.3281"
},
{
"model": "color laserjet enterprise m750 d3l08a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "s5900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "esight v2r3c10spc201",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "aura system manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "laserjet pro m401a/d/dn/dnw/dw/n cf278a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "40020150212"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "web security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.40"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.4"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.78"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "project openssl 0.9.8l",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.13"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.65"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "28.0.1500.95"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.5"
},
{
"model": "vma",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.11"
},
{
"model": "video surveillance series ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.31"
},
{
"model": "s3900 v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.0.8"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.1.6.3"
},
{
"model": "proxyav",
"scope": "ne",
"trust": 0.3,
"vendor": "bluecoat",
"version": "3.5.21"
},
{
"model": "anyoffice emm",
"scope": "eq",
"trust": 0.3,
"vendor": "huawei",
"version": "2.6.0601.0090"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.13"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.39"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.8"
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.12"
},
{
"model": "color laserjet enterprise m750 d3l09a 2302963 436077",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.33"
},
{
"model": "ssl for openvms",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-476"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73781.42"
},
{
"model": "strm/jsa 2013.2r8",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "project openssl 1.0.0i",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "security network intrusion prevention system gx7412",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.171"
},
{
"model": "vcenter support assistant",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.1"
},
{
"model": "laserjet p4015 cb511a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "msr50-g2 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "i v5r4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "storevirtual 1tb mdl china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.21"
},
{
"model": "exalogic",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "x4-22.0.6.2.0"
},
{
"model": "system x3550m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79461.42"
},
{
"model": "usg9500 usg9500 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "tssc",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.156"
},
{
"model": "laserjet cm3530 multifunction printer cc520a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "53.236.1"
},
{
"model": "s2750\u0026s5700\u0026s6700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "splunk",
"scope": "eq",
"trust": 0.3,
"vendor": "splunk",
"version": "4.3.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.58"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "11.16"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.0"
},
{
"model": "jetdirect 690n eio card j8007a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "ive os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7.4"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.13"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "flex system p24l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "ovf tool",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.17"
},
{
"model": "command view server based management",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "10.3.3"
},
{
"model": "prime network services controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.2.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.18"
},
{
"model": "oic v100r001c00spc402",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "documentum content server",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "7.0"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.1"
},
{
"model": "mysql",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5.6.14"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.30"
},
{
"model": "algo one",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.7.1"
},
{
"model": "icewall sso dfw",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.0"
},
{
"model": "s7700\u0026s9700 v200r005+v200r005hp0",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "data ontap",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "7.3.1"
},
{
"model": "9.2-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "color laserjet cm6030 multifunction printer ce665a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "business server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "1x8664"
},
{
"model": "vma san gateway g5.5.1.1",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.010"
},
{
"model": "dsr-1000 1.09.b61",
"scope": "ne",
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "laserjet enterprise m603 series ce996a 2302963 436082",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "600"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "tivoli storage flashcopy manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.1.2"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "aura collaboration environment",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "1.0.4"
},
{
"model": "vtm v100r001c30",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos space 13.3r4.4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.4.4"
},
{
"model": "oceanstor s5500t v100r005c30spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "storevirtual 2tb mdl sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.5"
},
{
"model": "xenclient enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.1.1"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.4.1"
},
{
"model": "system type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x3690x571481.43"
},
{
"model": "fortivoiceos",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "0"
},
{
"model": "unified ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "99510"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.1"
},
{
"model": "imc uam",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.00"
},
{
"model": "fortios",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.3.8"
},
{
"model": "integrated management module ii",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.86"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "rational insight",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.1.12"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.1"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.24"
},
{
"model": "system x3650m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "79491.42"
},
{
"model": "netezza platform software",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.213"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "espace u2980 v100r001 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "intelligent management center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "cloudburst",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0"
},
{
"model": "laserjet enterprise m602 series ce993a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "tivoli netcool/system service monitor fp8",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "watson explorer",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.02"
},
{
"model": "vsphere cli",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5"
},
{
"model": "junos 10.4r13",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise p3015 ce528a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.71"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.54"
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.0"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "fusion",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "8.4-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.3"
},
{
"model": "rox",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "22.5"
},
{
"model": "one-x communicator for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "x2.0.10"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "spa500 series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "junos os 13.1r4-s2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "junos 12.1r6",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "color laserjet enterprise m750 d3l08a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "8.0"
},
{
"model": "firepass",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "6.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "system x3250m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "42521.42"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "20500"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.3.2"
},
{
"model": "san volume controller",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.112"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.1.5.2"
},
{
"model": "junos d35",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x44"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1.0.1880"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.1.15"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.32"
},
{
"model": "ape",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0.2"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.43"
},
{
"model": "laserjet m4345 multifunction printer cb426a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "8.4-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "telepresence ip vcr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "msr20-1x russian version",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "telepresence sx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "rational reporting for development intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "si switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "55000"
},
{
"model": "aura application server sip core pb26",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.99"
},
{
"model": "documentum content server sp1 p26",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.3"
},
{
"model": "websphere message broker",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "18.0"
},
{
"model": "bladesystem c-class virtual connect",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "4.10"
},
{
"model": "9.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "systems director storage control",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1.1"
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.4.2.0"
},
{
"model": "junos 12.1x44-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "tivoli netcool/system service monitor fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.28"
},
{
"model": "sterling connect:direct for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "junos 12.1x45-d30",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.2"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.178"
},
{
"model": "project openssl 1.0.0j",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "eupp v100r001c01spc101",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "proxysg sgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.5"
},
{
"model": "flex system p460 compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.76"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "ecns600 v100r003c00",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos 13.2r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "horizon view client",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "storevirtual 600gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.6"
},
{
"model": "proxysgos",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "6.4.6.1"
},
{
"model": "service manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.21"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.8.11"
},
{
"model": "oceanstor s2600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "ssl for openvms",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.4-471"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "color laserjet enterprise cp4025 cc490a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.164.1"
},
{
"model": "communicator for android",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.9"
},
{
"model": "smart analytics system",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5600v29.7"
},
{
"model": "security information and event management",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "9.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0.9.131.0"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.3"
},
{
"model": "laserjet printer series q3723a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9040/90508.260.3"
},
{
"model": "aura presence services sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.06"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "3par service processor sp-4.3.0.ga-17.p000",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "1.0.1"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453012.0"
},
{
"model": "color laserjet cp6015 q3935a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.27"
},
{
"model": "sbr carrier 7.5.0-r11",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet enterprise m603 series ce994a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "junos 12.2r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "ave2000 v100r001c00sph001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.1.3"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.19"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "3.2.21"
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.4"
},
{
"model": "laserjet enterprise m4555 mfp ce504a 2302963 436064",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "junos 10.4r7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.60"
},
{
"model": "digital sender 9200c q5916a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "9.271.3"
},
{
"model": "laserjet m3035 multifunction printer cc477a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "48.306.1"
},
{
"model": "system x3620m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73761.42"
},
{
"model": "switch series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3600v20"
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.0"
},
{
"model": "storevirtual 900gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.6"
},
{
"model": "tivoli netcool/system service monitor fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "fortiweb",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.2"
},
{
"model": "laserjet p3005 printer series q7812a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.190.3"
},
{
"model": "documentum content server sp2 p15",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "6.7"
},
{
"model": "laserjet enterprise color flow mfp m575c cd646a 2302963 436081",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.55"
},
{
"model": "tivoli workload scheduler for applications fp01",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "9.2-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.90"
},
{
"model": "laserjet p4515 cb514a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.203.1"
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.16"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "2.0.3"
},
{
"model": "10.0-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.4.13"
},
{
"model": "msr4000 family",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "473012.5"
},
{
"model": "system x3400m2 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "78371.42"
},
{
"model": "junos 12.2r8",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "31005.1.21"
},
{
"model": "laserjet p4014 cb506a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.3"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.2"
},
{
"model": "laserjet enterprise mfp m525f cf116a 2302963 436069",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "500"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "5.5.4"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "463012.5"
},
{
"model": "financial services lending and leasing",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "14.1"
},
{
"model": "flex system p24l compute node",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "vpn client v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "metro ethernet series access devices",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12000"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "email security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.1"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.5"
},
{
"model": "eucalyptus",
"scope": "eq",
"trust": 0.3,
"vendor": "eucalyptus",
"version": "3.4.2"
},
{
"model": "3par service processor sp-4.1.0.ga-97.p011",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.25"
},
{
"model": "3par service processor sp-4.1.0.ga-97.p010",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "prime network",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "20.0.1132.20"
},
{
"model": "cloudsystem foundation",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "8.1"
},
{
"model": "database and middleware automation",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.30"
},
{
"model": "jetdirect 635n eio card j7961g",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "41.16"
},
{
"model": "aura presence services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.84"
},
{
"model": "storevirtual 900gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433012.5"
},
{
"model": "vdi-in-a-box",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "5.4.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.3"
},
{
"model": "junos 13.3r2-s3",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.36"
},
{
"model": "prime infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "color laserjet multifunction printer series q7517a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "400046.380.3"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "ace application control engine appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "flex system p460",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "(7895-42x)0"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "junos pulse for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "stunnel",
"scope": "eq",
"trust": 0.3,
"vendor": "stunnel",
"version": "5.01"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.1.18"
},
{
"model": "websphere datapower xml security gateway xs40",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.05"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "41005.2"
},
{
"model": "tivoli network manager ip edition fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.94"
},
{
"model": "laserjet enterprise mfp m630 series b3g86a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "project openssl 1.0.0m",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.8"
},
{
"model": "dsr-500n rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "color laserjet m651 cz257a 2302963 436073",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "security network intrusion prevention system gx5008-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.21"
},
{
"model": "color laserjet cm6040 multifunction printer q3938a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "52.256.1"
},
{
"model": "netiq sslvpn server",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.45"
},
{
"model": "junos space",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "11.4"
},
{
"model": "ios xr software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.77"
},
{
"model": "storevirtual 600gb sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "413011.5"
},
{
"model": "color laserjet cp4005 printer series cb503a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "46.230.6"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.18"
},
{
"model": "initiate master data service",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.75"
},
{
"model": "sparc m10-1",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "0"
},
{
"model": "nip2000\u00265000 v100r002c10spc100",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.5"
},
{
"model": "sterling b2b integrator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "laserjet enterprise m603 series ce995a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.44"
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.8.0"
},
{
"model": "laserjet enterprise mfp m630 series j7x28a 2303714 233000041",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "communication server 1000e signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "33.0.1750.166"
},
{
"model": "junos 11.4r3.7",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "eupp v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "open source security information management",
"scope": "eq",
"trust": 0.3,
"vendor": "alienvault",
"version": "4.0.3"
},
{
"model": "version control agent",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.3.2"
},
{
"model": "junos 13.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.52"
},
{
"model": "dsr-500 rev. a1",
"scope": null,
"trust": 0.3,
"vendor": "d link",
"version": null
},
{
"model": "guardium database activity monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "big-ip apm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "dgs-1500.20",
"scope": "eq",
"trust": 0.3,
"vendor": "d link",
"version": "2.51.005"
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "laserjet enterprise m602 series ce992a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6000"
},
{
"model": "project openssl 0.9.8o",
"scope": null,
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "junos d15",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "12.1x45-"
},
{
"model": "update manager",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.0"
},
{
"model": "laserjet p2055 printer series ce457a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "20141201"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.1.5"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "idol image server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.87"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.35"
},
{
"model": "system m4 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "x375087520"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.27"
},
{
"model": "oceanstor s5800t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-ip wom",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.1"
},
{
"model": "version control repository manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.1"
},
{
"model": "blackberry os",
"scope": "eq",
"trust": 0.3,
"vendor": "rim",
"version": "10.1"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.36"
},
{
"model": "jabber for mac",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.47"
},
{
"model": "itbm standard",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.1"
},
{
"model": "fortigate",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.8"
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "453011.5"
},
{
"model": "mcp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "66000"
},
{
"model": "color laserjet flow m680 cz250a 2302963 436072",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "websphere cast iron cloud integration",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.32"
},
{
"model": "unified series ip phones",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "69000"
},
{
"model": "tivoli netcool/system service monitor fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0.0"
},
{
"model": "one-x communicator for microsoft windows",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.6"
},
{
"model": "host checker",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junos 12.2r8-s2",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "scale out network attached storage",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.21-20"
},
{
"model": "oceanstor s5600t v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "big-iq cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.38"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.11"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "linerate",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "2.3.1"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.0.6"
},
{
"model": "system x3400m3 type",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "73791.42"
},
{
"model": "laserjet enterprise color m551 series cf083a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5000"
},
{
"model": "big-iq security",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "4.2"
},
{
"model": "winscp",
"scope": "eq",
"trust": 0.3,
"vendor": "winscp",
"version": "5.1.6"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2.4"
},
{
"model": "security network protection",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "51005.1.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.35"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.97"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.34"
},
{
"model": "unified communications manager session management edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.22"
},
{
"model": "malware analyzer g2",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "4.1"
},
{
"model": "video surveillance ptz ip cameras",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "snapdrive for unix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"model": "client applications",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "vm virtualbox",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "4.2"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "4.0.14"
},
{
"model": "laserjet enterprise color mfp m880 d7p71a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "security module for cisco network registar",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "color laserjet cp3525 cc470a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "6.183.1"
},
{
"model": "sbr carrier",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.11"
},
{
"model": "big-ip gtm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.2.1"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.2"
},
{
"model": "laserjet p4014 cb512a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "open systems snapvault",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0.1"
},
{
"model": "tivoli storage productivity center",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2.145"
},
{
"model": "project openssl 0.9.8za",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": null
},
{
"model": "storevirtual 450gb sas storage/s-buy",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-320"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.3.0.1"
},
{
"model": "data ontap storage management initiative specification a",
"scope": "eq",
"trust": 0.3,
"vendor": "netapp",
"version": "0"
},
{
"model": "chrome for android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "35.0"
},
{
"model": "aura application server sip core pb16",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "53002.0"
},
{
"model": "security network intrusion prevention system gx5108-v2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.9"
},
{
"model": "idp series 5.1r4",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "s6900 v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "4.2"
},
{
"model": "big-ip ltm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.2.4"
},
{
"model": "big-ip asm",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.0.00"
},
{
"model": "cloudplatform",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.2.1"
},
{
"model": "puremessage for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "5.5.5"
},
{
"model": "proventia network security controller 1.0.3350m",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "netscaler",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.1-122.17"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "21.0.1180.5"
},
{
"model": "fortimail build",
"scope": "ne",
"trust": 0.3,
"vendor": "fortinet",
"version": "5.0.6170"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "1.9.4"
},
{
"model": "junos 10.4r10",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "clearpass",
"scope": "eq",
"trust": 0.3,
"vendor": "arubanetworks",
"version": "6.3.2"
},
{
"model": "integrated management module ii",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.30"
},
{
"model": "vfabric web server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.3.4"
},
{
"model": "dsm v100r002",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communications policy management",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "10.4.1"
},
{
"model": "communication server 1000m",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "laserjet enterprise m712 series cf238a 2302963 436080",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "700"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "telepresence mx series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "insight control server deployment",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2.2"
},
{
"model": "css series content services switches",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "115000"
},
{
"model": "telepresence system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500-370"
},
{
"model": "tivoli workload scheduler distributed fp04",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "unified agent",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "1.1"
},
{
"model": "oceanstor s5800t v100r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "26.0.1410.35"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "rational clearquest",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.10"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.3.2.10"
},
{
"model": "oneview",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.05"
},
{
"model": "security network intrusion prevention system gx7412-05",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "icewall mcrp",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.0"
},
{
"model": "pan-os",
"scope": "eq",
"trust": 0.3,
"vendor": "paloaltonetworks",
"version": "5.0.7"
},
{
"model": "rational tau",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.33"
},
{
"model": "sylpheed",
"scope": "eq",
"trust": 0.3,
"vendor": "sylpheed",
"version": "0.9.5"
},
{
"model": "communication server 1000m signaling server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "web security gateway anywhere",
"scope": "eq",
"trust": 0.3,
"vendor": "websense",
"version": "7.8.3"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "11.3"
},
{
"model": "junos space 13.3r1.9",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"model": "laserjet p4515 cb517a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "4.213.1"
},
{
"model": "storevirtual 450gb china sas storage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "433011.5"
},
{
"model": "s7700\u0026s9700 v200r001",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "communication server 1000e",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "7.5"
},
{
"model": "9.3-beta1",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "software foundation python",
"scope": "eq",
"trust": 0.3,
"vendor": "python",
"version": "2.7"
},
{
"model": "chrome os",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "25.0.1364.98"
},
{
"model": "laserjet enterprise color mfp m880 a2w75a",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8000"
},
{
"model": "security analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "bluecoat",
"version": "7.1"
},
{
"model": "horizon workspace server gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.5"
},
{
"model": "laserjet enterprise p3015 ce595a",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "7.186.1"
},
{
"model": "espace usm v100r001c01",
"scope": null,
"trust": 0.3,
"vendor": "huawei",
"version": null
},
{
"model": "junos",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HP",
"sources": [
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127136"
},
{
"db": "PACKETSTORM",
"id": "127841"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
}
],
"trust": 0.7
},
"cve": "CVE-2014-0224",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0224",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "LOW",
"baseScore": 6.4,
"collateralDamagePotential": "HIGH",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 8.1,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 5.5,
"id": "CVE-2014-0224",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"integrityRequirement": "MEDIUM",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:M/Au:N/C:C/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2014-0224",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0224",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2014-0224",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the \"CCS Injection\" vulnerability. OpenSSL is vulnerable to a man-in-the-middle attack. \nSuccessfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. \n\nHP IceWall SSO Dfw and MCRP\n\nIf possible, do not use SHOST setting which allows IceWall SSO Dfw or MCRP to\nuse SSL/TLS for back-end web server connection. \n\nHP IceWall SSO Dfw Certd\n\nIf possible, set LDAPSSL to 0 to make HP SSO IceWall Certd to not use SSL/TLS\non any connection with LDAP server. \n\nNote: The HP IceWall product is only available in Japan. \nPlease note that version 7.3.3 of HP Insight Control server migration is\nincluded on the HP Insight Management 7.3 Update 2 DVD. \n\nHP has provided the installation binaries for download from the following web\nsite by using the Receive for free option:\n\nhttp://h18013.www1.hp.com/products/servers/management/fpdownload.html\n\nCustomers using HP Insight Control server migration v7.2.2 must first upgrade\nfrom v7.2.2 to v7.3 by using the HP Insight Management v7.3 DVD, and then\nupgrade to v7.3.3 by using the HP Insight Management v7.3 Update 2 DVD. \n\nCustomers running HP Insight Control server migration v7.3, v7.3.1, or\nv7.3.2, can use the HP Insight Control server migration v7.3 Update 2 DVD to\ncomplete the upgrade. \n\nFor more information on the upgrade process, please refer to the HP Insight\nManagement Installation and Upgrade Guide and Release notes, which are\navailable at the following location:\n\nhttp://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind\nex.aspx?cat=insightmanagement\n\nNOTE: The upgrade paths described above update the entire HP Insight Control\nsoftware stack. To upgrade HP Insight Control server migration only, complete\nthe following steps:\n\nCopy \"hpsmp.exe\" to the local machine from the HP Insight Management v7.3.0\nUpdate 2 DVD ISO. Create batch file with the following commands:\n@echo off\nhpsmp.exe /verysilent /SVCPATCH=Install_Through_Patch\nCopy the batch file to the folder where \"hpsmp.exe\" normally resides on the\ntarget system. \nDouble click on the batch file. \nThe HP Insight Control server migration installation starts in a command\nprompt. \nThe command prompt closes when the installation finishes. \nAfter the installation completes it creates a log file (ICmigr.log) and an\noutput file (ICmigroutput.xml) on the target system. \nDo not close or click on the command prompt while the process is completing. \nDo not run the command prompt in the background. \n\nHISTORY\nVersion:1 (rev.1) - 23 July 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. The\nupdates are available from https://h20392.www2.hp.com/portal/swdepot/displayP\nroductInfo.do?productNumber=OPENSSL11I\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08za.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08za.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08za.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08za or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. ============================================================================\nUbuntu Security Notice USN-2232-3\nJune 23, 2014\n\nopenssl regression\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 13.10\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nUSN-2232-1 introduced a regression in OpenSSL. The upstream fix for\nCVE-2014-0224 caused a regression for certain applications that use\nrenegotiation, such as PostgreSQL. This update fixes the problem. \n\nOriginal advisory details:\n\n J=C3=BCri Aedla discovered that OpenSSL incorrectly handled invalid DTLS\n fragments. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and\n Ubuntu 14.04 LTS. (CVE-2014-0195)\n Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. A\n remote attacker could use this issue to cause OpenSSL to crash, resulting\n in a denial of service. (CVE-2014-0221)\n KIKUCHI Masashi discovered that OpenSSL incorrectly handled certain\n handshakes. \n (CVE-2014-0224)\n Felix Gr=C3=B6bert and Ivan Fratri=C4=87 discovered that OpenSSL incorrectly handled\n anonymous ECDH ciphersuites. A remote attacker could use this issue to\n cause OpenSSL to crash, resulting in a denial of service. This issue only\n affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. \n (CVE-2014-3470)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n libssl1.0.0 1.0.1f-1ubuntu2.4\n\nUbuntu 13.10:\n libssl1.0.0 1.0.1e-3ubuntu1.6\n\nUbuntu 12.04 LTS:\n libssl1.0.0 1.0.1-4ubuntu5.16\n\nUbuntu 10.04 LTS:\n libssl0.9.8 0.9.8k-7ubuntu8.19\n\nAfter a standard system update you need to reboot your computer to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2232-3\n http://www.ubuntu.com/usn/usn-2232-1\n https://launchpad.net/bugs/1332643\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4\n https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6\n https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16\n https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04347622\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04347622\nVersion: 1\n\nHPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network\nProducts including H3C and 3COM Routers and Switches running OpenSSL, Remote\nDenial of Service (DoS), Code Execution, Unauthorized Access, Modification or\nDisclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-06-20\nLast Updated: 2014-06-20\n\nPotential Security Impact: Remote Denial of Service (DoS), code execution,\nunauthorized access, modification of information, disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP Intelligent\nManagement Center (iMC), HP Network Products including 3COM and H3C routers\nand switches running OpenSSL. The vulnerabilities could be exploited remotely\nto create a Denial of Service (DoS), execute code, allow unauthorized access,\nmodify or disclose information. \n\nReferences:\n\nCVE-2010-5298 Remote Denial of Service (DoS) or Modification of Information\nCVE-2014-0198 Remote Unauthorized Access (only iMC impacted)\nCVE-2014-0224 Remote Unauthorized Access or Disclosure of Information\nSSRT101561\nNote: All products listed are impacted by CVE-2014-0224 . iMC is also\nimpacted by CVE-2014-0198 and CVE-2010-5298\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n section below for a list of impacted products. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2010-5298 (AV:N/AC:H/Au:N/C:N/I:P/A:P) 4.0\nCVE-2014-0198 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2014-0224 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nOn June 5th 2014, OpenSSL.org issued an advisory with several CVE\nvulnerabilities. HP Networking is working to release fixes for these\nvulnerabilities that impact the products in the table below. As fixed\nsoftware is made available, this security bulletin will be updated to show\nthe fixed versions. Until the software fixes are available, HP Networking is\nproviding the following information including possible workarounds to\nmitigate the risks of these vulnerabilities. \n\nDescription\n\nThe most serious issue reported is CVE-2014-0224 and it is the one discussed\nhere. To take advantage CVE-2014-0224, an attacker must:\n\nbe in between the OpenSSL client and OpenSSL server. \nbe capable of intercepting and modifying packets between the OpenSSL client\nand OpenSSL server in real time. \n\nWorkarounds\n\nHP Networking equipment is typically deployed inside firewalls and access to\nmanagement interfaces and other protocols is more tightly controlled than in\npublic environments. This deployment and security restrictions help to reduce\nthe possibility of an attacker being able to intercept both OpenSSL client\nand OpenSSL server traffic. \n\nFollowing the guidelines in the Hardening Comware-based devices can help to\nfurther reduce man-in-the-middle opportunities:\n\nhttp://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=c03536\n920\n\nFor an HP Networking device acting as an OpenSSL Server, using a patched\nOpenSSL client or non-OpenSSL client eliminates the risk. As an example, most\nmodern web browsers do not use the OpenSSL client and the sessions between\nthe HP Networking OpenSSL server and the non-OpenSSL client are not at risk\nfor this attack. For HP Networking Equipment that is using an OpenSSL client,\npatching the OpenSSL server will eliminate the risk of this attack. \n\nProtocol Notes\n\nThe following details the protocols that use OpenSSL in Comware v5 and\nComware v7:\n\nComware V7:\n\nServer:\n\nFIPS/HTTPS/Load Balancing/Session Initiation Protocol\n\nClient:\n\nLoad Balancing/OpenFlow/Session Initiation Protocol/State Machine Based\nAnti-Spoofing/Dynamic DNS\n\nComware V5:\n\nServer:\n\nCAPWAP/EAP/SSLVPN\n\nClient:\n\nDynamic DNS\n\nFamily\n Fixed Version\n HP Branded Products Impacted\n H3C Branded Products Impacted\n 3Com Branded Products Impacted\n\n12900 Switch Series\n Fix in progress\nuse mitigations\n JG619A HP FF 12910 Switch AC Chassis\nJG621A HP FF 12910 Main Processing Unit\nJG632A HP FF 12916 Switch AC Chassis\nJG634A HP FF 12916 Main Processing Unit\n\n12500\n Fix in progress\nuse mitigations\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJC808A HP 12500 TAA Main Processing Unit\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n12500 (Comware v7)\n Fix in progress\nuse mitigations\n JC085A HP A12518 Switch Chassis\nJC086A HP A12508 Switch Chassis\nJC652A HP 12508 DC Switch Chassis\nJC653A HP 12518 DC Switch Chassis\nJC654A HP 12504 AC Switch Chassis\nJC655A HP 12504 DC Switch Chassis\nJF430A HP A12518 Switch Chassis\nJF430B HP 12518 Switch Chassis\nJF430C HP 12518 AC Switch Chassis\nJF431A HP A12508 Switch Chassis\nJF431B HP 12508 Switch Chassis\nJF431C HP 12508 AC Switch Chassis\nJC072B HP 12500 Main Processing Unit\nJG497A HP 12500 MPU w/Comware V7 OS\nJG782A HP FF 12508E AC Switch Chassis\nJG783A HP FF 12508E DC Switch Chassis\nJG784A HP FF 12518E AC Switch Chassis\nJG785A HP FF 12518E DC Switch Chassis\nJG802A HP FF 12500E MPU\n H3C S12508 Routing Switch(AC-1) (0235A0GE)\nH3C S12518 Routing Switch(AC-1) (0235A0GF)\nH3C S12508 Chassis (0235A0E6)\nH3C S12508 Chassis (0235A38N)\nH3C S12518 Chassis (0235A0E7)\nH3C S12518 Chassis (0235A38M)\n\n11900 Switch Series\n Fix in progress\nuse mitigations\n JG608A HP FF 11908-V Switch Chassis\nJG609A HP FF 11900 Main Processing Unit\n\n10500 Switch Series (Comware v5)\n Fix in progress\nuse mitigations\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC614A HP 10500 Main Processing Unit\nJC748A HP 10512 Switch Chassis\nJG375A HP 10500 TAA Main Processing Unit\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\n\n10500 Switch Series (Comware v7)\n Fix in progress\nuse mitigations\n JC611A HP 10508-V Switch Chassis\nJC612A HP 10508 Switch Chassis\nJC613A HP 10504 Switch Chassis\nJC748A HP 10512 Switch Chassis\nJG820A HP 10504 TAA Switch Chassis\nJG821A HP 10508 TAA Switch Chassis\nJG822A HP 10508-V TAA Switch Chassis\nJG823A HP 10512 TAA Switch Chassis\nJG496A HP 10500 Type A MPU w/Comware v7 OS\n\n9500E\n Fix in progress\nuse mitigations\n JC124A HP A9508 Switch Chassis\nJC124B HP 9505 Switch Chassis\nJC125A HP A9512 Switch Chassis\nJC125B HP 9512 Switch Chassis\nJC474A HP A9508-V Switch Chassis\nJC474B HP 9508-V Switch Chassis\n H3C S9505E Routing-Switch Chassis (0235A0G6)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9512E Routing-Switch Chassis (0235A0G7)\nH3C S9508E-V Routing-Switch Chassis (0235A38Q)\nH3C S9505E Chassis w/ Fans (0235A38P)\nH3C S9512E Chassis w/ Fans (0235A38R)\n\nRouter 8800\n Fix in progress\nuse mitigations\n JC147A HP A8802 Router Chassis\nJC147B HP 8802 Router Chassis\nJC148A HP A8805 Router Chassis\nJC148B HP 8805 Router Chassis\nJC149A HP A8808 Router Chassis\nJC149B HP 8808 Router Chassis\nJC150A HP A8812 Router Chassis\nJC150B HP 8812 Router Chassis\nJC141A HP 8802 Main Control Unit Module\nJC138A HP 8805/08/12 (1E) Main Cntrl Unit Mod\nJC137A HP 8805/08/12 (2E) Main Cntrl Unit Mod\n H3C SR8805 10G Core Router Chassis (0235A0G8)\nH3C SR8808 10G Core Router Chassis (0235A0G9)\nH3C SR8812 10G Core Router Chassis (0235A0GA)\nH3C SR8802 10G Core Router Chassis (0235A0GC)\nH3C SR8802 10G Core Router Chassis (0235A31B)\nH3C SR8805 10G Core Router Chassis (0235A31C)\nH3C SR8808 10G Core Router Chassis (0235A31D)\nH3C SR8812 10G Core Router Chassis (0235A31E)\n\n7500 Switch Series\n Fix in progress\nuse mitigations\n JC666A HP A7503-S 144 Gbps Fab/MPU w 24p Gig-T\nJC697A HP A7502 TAA Main Processing Unit\nJC698A HP A7503S 144 Gbps TAA Fab/MPU w 24p GbE\nJC699A HP A7500 384Gbps TAA Fab/MPU w 2p 10-GbE\nJC700A HP A7500 384 Gbps TAA Fabric / MPU\nJC701A HP A7510 768 Gbps TAA Fabric / MPU\nJD193A HP 384 Gbps A7500 Fab Mod w/2 XFP Ports\nJD193B HP 7500 384Gbps Fab Mod w/2 XFP Ports\nJD194A HP 384 Gbps Fabric A7500 Module\nJD194B HP 7500 384Gbps Fabric Module\nJD195A HP 7500 384Gbps Advanced Fabric Module\nJD196A HP 7502 Fabric Module\nJD220A HP 7500 768Gbps Fabric Module\nJD238A HP A7510 Switch Chassis\nJD238B HP 7510 Switch Chassis\nJD239A HP A7506 Switch Chassis\nJD239B HP 7506 Switch Chassis\nJD240A HP A7503 Switch Chassis\nJD240B HP 7503 Switch Chassis\nJD241A HP A7506 Vertical Switch Chassis\nJD241B HP 7506-V Switch Chassis\nJD242A HP A7502 Switch Chassis\nJD242B HP 7502 Switch Chassis\nJD243A HP A7503 Switch Chassis w/1 Fabric Slot\nJD243B HP 7503-S Switch Chassis w/1 Fabric Slot\n H3C S7502E Ethernet Switch Chassis with Fan (0235A0G4)\nH3C S7503E Ethernet Switch Chassis with Fan (0235A0G2)\nH3C S7503E-S Ethernet Switch Chassis with Fan (0235A0G5)\nH3C S7506E Ethernet Switch Chassis with Fan (0235A0G1)\nH3C S7506E-V Ethernet Switch Chassis with Fan (0235A0G3)\nH3C S7510E Ethernet Switch Chassis with Fan (0235A0G0)\nH3C S7502E Chassis w/ fans (0235A29A)\nH3C S7503E Chassis w/ fans (0235A27R)\nH3C S7503E-S Chassis w/ fans (0235A33R)\nH3C S7506E Chassis w/ fans (0235A27Q)\nH3C S7506E-V Chassis w/ fans (0235A27S)\n\nHSR6800\n Fix in progress\nuse mitigations\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6800 Russian Version\n Fix in progress\nuse mitigations\n JG361A HP HSR6802 Router Chassis\nJG362A HP HSR6804 Router Chassis\nJG363A HP HSR6808 Router Chassis\nJG364A HP HSR6800 RSE-X2 Router MPU\nJG779A HP HSR6800 RSE-X2 Router TAA MPU\n\nHSR6602\n Fix in progress\nuse mitigations\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nHSR6602 Russian Version\n Fix in progress\nuse mitigations\n JG353A HP HSR6602-G Router\nJG354A HP HSR6602-XG Router\nJG776A HP HSR6602-G TAA Router\nJG777A HP HSR6602-XG TAA Router\n\nA6600\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\nA6600 Russian Version\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJC566A HP A6600 RSE-X1 Main Processing Unit\nJG780A HP 6600 RSE-X1 Router TAA MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU. JG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n6600 MCP Russian Version\n Fix in progress\nuse mitigations\n JC177A HP 6608 Router\nJC177B HP A6608 Router Chassis\nJC178A HP 6604 Router Chassis\nJC178B HP A6604 Router Chassis\nJC496A HP 6616 Router Chassis\nJG778A HP 6600 MCP-X2 Router TAA MPU\nJG355A HP 6600 MCP-X1 Router MPU\nJG356A HP 6600 MCP-X2 Router MPU\n H3C RT-SR6608-OVS-H3 (0235A32X)\nH3C RT-SR6604-OVS-H3 (0235A37X)\nH3C SR6616 Router Chassis (0235A41D)\n\n5920 Switch Series\n Fix in progress\nuse mitigations\n JG296A HP 5920AF-24XG Switch\nJG555A HP 5920AF-24XG TAA Switch\n\n5900 Switch Series\n Fix in progress\nuse mitigations\n JC772A HP 5900AF-48XG-4QSFP+ Switch\nJG336A HP 5900AF-48XGT-4QSFP+ Switch\nJG510A HP 5900AF-48G-4XG-2QSFP+ Switch\nJG554A HP 5900AF-48XG-4QSFP+ TAA Switch\nJG838A HP FF 5900CP-48XG-4QSFP+ Switch\n\n5900 Virtual Switch\n Fix in progress\nuse mitigations\n JG814AAE HP Virtual Switch 5900v VMware E-LTU\nJG815AAE HP VSO SW for 5900v VMware E-LTU\n\n5830 Switch Series\n Fix in progress\nuse mitigations\n JC691A HP A5830AF-48G Switch w/1 Interface Slot\nJC694A HP A5830AF-96G Switch\nJG316A HP 5830AF-48G TAA Switch w/1 Intf Slot\nJG374A HP 5830AF-96G TAA Switch\n\n5820 Switch Series\n Fix in progress\nuse mitigations\n JC102A HP 5820-24XG-SFP+ Switch\nJC106A HP 5820-14XG-SFP+ Switch with 2 Slots\nJG219A HP 5820AF-24XG Switch\nJG243A HP 5820-24XG-SFP+ TAA-compliant Switch\nJG259A HP 5820X-14XG-SFP+ TAA Switch w 2 Slots\n H3C S5820X-28C 14 port (SFP Plus ) Plus 4-port BT (RJ45) Plus 2 media\nmodules Plus OSM (0235A37L)\nH3C S5820X-28S 24-port 10GBASE-X (SFP Plus ) Plus 4-port 10/100/1000BASE-T\n(RJ45) (0235A370)\n\n5800 Switch Series\n Fix in progress\nuse mitigations\n JC099A HP 5800-24G-PoE Switch\nJC100A HP 5800-24G Switch\nJC101A HP 5800-48G Switch with 2 Slots\nJC103A HP 5800-24G-SFP Switch\nJC104A HP 5800-48G-PoE Switch\nJC105A HP 5800-48G Switch\nJG225A HP 5800AF-48G Switch\nJG242A HP 5800-48G-PoE+ TAA Switch w 2 Slots\nJG254A HP 5800-24G-PoE+ TAA-compliant Switch\nJG255A HP 5800-24G TAA-compliant Switch\nJG256A HP 5800-24G-SFP TAA Switch w 1 Intf Slt\nJG257A HP 5800-48G-PoE+ TAA Switch with 1 Slot\nJG258A HP 5800-48G TAA Switch w 1 Intf Slot\n H3C S5800-32C - 24-port 1BT Plus 4-port (SFP Plus ) Plus 1 media slot\n(0235A36U)\nH3C S5800-32C-PWR - 24-port 10/100/1000BASE-T (RJ45) Plus 4-port 10GBASE-X\n(SFP Plus ) Plus 1 media module PoE (0235A36S)\nH3C S5800-32F 24-port 1000BASE-X (SFP) Plus 4-port 10GBASE-X (SFP Plus ) Plus\nmedia module (no power) (0235A374)\nH3C S5800-56C 48-port 10/100/1000BASE-T (RJ45) Plus 4port 10GBASE-X (SFP Plus\n) Plus media module (0235A379)\nH3C S5800-56C-PWR 48-port BT Plus 4 port (SFP Plus ) Plus media module\n(0235A378)\nH3C S5800-60C-PWR 48-port BT Plus 4-port SFP Plus 2 media modules Plus OSM\n(0235A36W)\n\n5500 HI Switch Series\n Fix in progress\nuse mitigations\n JG311A HP HI 5500-24G-4SFP w/2 Intf Slts Switch\nJG312A HP HI 5500-48G-4SFP w/2 Intf Slts Switch\nJG541A HP 5500-24G-PoE+-4SFP HI Switch w/2 Slt\nJG542A HP 5500-48G-PoE+-4SFP HI Switch w/2 Slt\nJG543A HP 5500-24G-SFP HI Switch w/2 Intf Slt\nJG679A HP 5500-24G-PoE+-4SFP HI TAA Swch w/2Slt\nJG680A HP 5500-48G-PoE+-4SFP HI TAA Swch w/2Slt\nJG681A HP 5500-24G-SFP HI TAA Swch w/2Slt\n\n5500 EI Switch Series\n Fix in progress\nuse mitigations\n JD373A HP 5500-24G DC EI Switch\nJD374A HP 5500-24G-SFP EI Switch\nJD375A HP 5500-48G EI Switch\nJD376A HP 5500-48G-PoE EI Switch\nJD377A HP 5500-24G EI Switch\nJD378A HP 5500-24G-PoE EI Switch\nJD379A HP 5500-24G-SFP DC EI Switch\nJG240A HP 5500-48G-PoE+ EI Switch w/2 Intf Slts\nJG241A HP 5500-24G-PoE+ EI Switch w/2 Intf Slts\nJG249A HP 5500-24G-SFP EI TAA Switch w 2 Slts\nJG250A HP 5500-24G EI TAA Switch w 2 Intf Slts\nJG251A HP 5500-48G EI TAA Switch w 2 Intf Slts\nJG252A HP 5500-24G-PoE+ EI TAA Switch w/2 Slts\nJG253A HP 5500-48G-PoE+ EI TAA Switch w/2 Slts\n H3C S5500-28C-EI Ethernet Switch (0235A253)\nH3C S5500-28F-EI Eth Switch AC Single (0235A24U)\nH3C S5500-52C-EI Ethernet Switch (0235A24X)\nH3C S5500-28C-EI-DC Ethernet Switch (0235A24S)\nH3C S5500-28C-PWR-EI Ethernet Switch (0235A255)\nH3C S5500-28F-EI Eth Swtch DC Single Pwr (0235A259)\nH3C S5500-52C-PWR-EI Ethernet Switch (0235A251)\n\n5500 SI Switch Series\n Fix in progress\nuse mitigations\n JD369A HP 5500-24G SI Switch\nJD370A HP 5500-48G SI Switch\nJD371A HP 5500-24G-PoE SI Switch\nJD372A HP 5500-48G-PoE SI Switch\nJG238A HP 5500-24G-PoE+ SI Switch w/2 Intf Slts\nJG239A HP 5500-48G-PoE+ SI Switch w/2 Intf Slts\n H3C S5500-28C-SI Ethernet Switch (0235A04U)\nH3C S5500-52C-SI Ethernet Switch (0235A04V)\nH3C S5500-28C-PWR-SI Ethernet Switch (0235A05H)\nH3C S5500-52C-PWR-SI Ethernet Switch (0235A05J)\n\n5120 EI Switch Series\n Fix in progress\nuse mitigations\n JE066A HP 5120-24G EI Switch\nJE067A HP 5120-48G EI Switch\nJE068A HP 5120-24G EI Switch with 2 Slots\nJE069A HP 5120-48G EI Switch with 2 Slots\nJE070A HP 5120-24G-PoE EI Switch with 2 Slots\nJE071A HP 5120-48G-PoE EI Switch with 2 Slots\nJG236A HP 5120-24G-PoE+ EI Switch w/2 Intf Slts\nJG237A HP 5120-48G-PoE+ EI Switch w/2 Intf Slts\nJG245A HP 5120-24G EI TAA Switch w 2 Intf Slts\nJG246A HP 5120-48G EI TAA Switch w 2 Intf Slts\nJG247A HP 5120-24G-PoE+ EI TAA Switch w 2 Slts\nJG248A HP 5120-48G-PoE+ EI TAA Switch w 2 Slts\n H3C S5120-24P-EI 24GE Plus 4ComboSFP (0235A0BQ)\nH3C S5120-28C-EI 24GE Plus 4Combo Plus 2Slt (0235A0BS)\nH3C S5120-48P-EI 48GE Plus 4ComboSFP (0235A0BR)\nH3C S5120-52C-EI 48GE Plus 4Combo Plus 2Slt (0235A0BT)\nH3C S5120-28C-PWR-EI 24G Plus 4C Plus 2S Plus POE (0235A0BU)\nH3C S5120-52C-PWR-EI 48G Plus 4C Plus 2S Plus POE (0235A0BV)\n\n5120 SI switch Series\n Fix in progress\nuse mitigations\n JE072A HP 5120-48G SI Switch\nJE073A HP 5120-16G SI Switch\nJE074A HP 5120-24G SI Switch\nJG091A HP 5120-24G-PoE+ (370W) SI Switch\nJG092A HP 5120-24G-PoE+ (170W) SI Switch\n H3C S5120-52P-SI 48GE Plus 4 SFP (0235A41W)\nH3C S5120-20P-SI L2\n16GE Plus 4SFP (0235A42B)\nH3C S5120-28P-SI 24GE Plus 4 SFP (0235A42D)\nH3C S5120-28P-HPWR-SI (0235A0E5)\nH3C S5120-28P-PWR-SI (0235A0E3)\n\n4800 G Switch Series\n Fix in progress\nuse mitigations\n JD007A HP 4800-24G Switch\nJD008A HP 4800-24G-PoE Switch\nJD009A HP 4800-24G-SFP Switch\nJD010A HP 4800-48G Switch\nJD011A HP 4800-48G-PoE Switch\n\n 3Com Switch 4800G 24-Port (3CRS48G-24-91)\n3Com Switch 4800G 24-Port SFP (3CRS48G-24S-91)\n3Com Switch 4800G 48-Port (3CRS48G-48-91)\n3Com Switch 4800G PWR 24-Port (3CRS48G-24P-91)\n3Com Switch 4800G PWR 48-Port (3CRS48G-48P-91)\n\n4510G Switch Series\n Fix in progress\nuse mitigations\n JF428A HP 4510-48G Switch\nJF847A HP 4510-24G Switch\n\n 3Com Switch 4510G 48 Port (3CRS45G-48-91)\n3Com Switch 4510G PWR 24-Port (3CRS45G-24P-91)\n3Com Switch E4510-24G (3CRS45G-24-91)\n\n4210G Switch Series\n Fix in progress\nuse mitigations\n JF844A HP 4210-24G Switch\nJF845A HP 4210-48G Switch\nJF846A HP 4210-24G-PoE Switch\n\n 3Com Switch 4210-24G (3CRS42G-24-91)\n3Com Switch 4210-48G (3CRS42G-48-91)\n3Com Switch E4210-24G-PoE (3CRS42G-24P-91)\n\n3610 Switch Series\n Fix in progress\nuse mitigations\n JD335A HP 3610-48 Switch\nJD336A HP 3610-24-4G-SFP Switch\nJD337A HP 3610-24-2G-2G-SFP Switch\nJD338A HP 3610-24-SFP Switch\n H3C S3610-52P - model LS-3610-52P-OVS (0235A22C)\nH3C S3610-28P - model LS-3610-28P-OVS (0235A22D)\nH3C S3610-28TP - model LS-3610-28TP-OVS (0235A22E)\nH3C S3610-28F - model LS-3610-28F-OVS (0235A22F)\n\n3600 V2 Switch Series\n Fix in progress\nuse mitigations\n JG299A HP 3600-24 v2 EI Switch\nJG300A HP 3600-48 v2 EI Switch\nJG301A HP 3600-24-PoE+ v2 EI Switch\nJG301B HP 3600-24-PoE+ v2 EI Switch\nJG302A HP 3600-48-PoE+ v2 EI Switch\nJG302B HP 3600-48-PoE+ v2 EI Switch\nJG303A HP 3600-24-SFP v2 EI Switch\nJG304A HP 3600-24 v2 SI Switch\nJG305A HP 3600-48 v2 SI Switch\nJG306A HP 3600-24-PoE+ v2 SI Switch\nJG306B HP 3600-24-PoE+ v2 SI Switch\nJG307A HP 3600-48-PoE+ v2 SI Switch\nJG307B HP 3600-48-PoE+ v2 SI Switch\n\n3100V2\n Fix in progress\nuse mitigations\n JD313B HP 3100-24-PoE v2 EI Switch\nJD318B HP 3100-8 v2 EI Switch\nJD319B HP 3100-16 v2 EI Switch\nJD320B HP 3100-24 v2 EI Switch\nJG221A HP 3100-8 v2 SI Switch\nJG222A HP 3100-16 v2 SI Switch\nJG223A HP 3100-24 v2 SI Switch\n\n3100V2-48\n Fix in progress\nuse mitigations\n JG315A HP 3100-48 v2 Switch\n\n1910\n Fix in progress\nuse mitigations\n JE005A HP 1910-16G Switch\nJE006A HP 1910-24G Switch\nJE007A HP 1910-24G-PoE (365W) Switch\nJE008A HP 1910-24G-PoE(170W) Switch\nJE009A HP 1910-48G Switch\nJG348A HP 1910-8G Switch\nJG349A HP 1910-8G-PoE+ (65W) Switch\nJG350A HP 1910-8G-PoE+ (180W) Switch\n 3Com Baseline Plus Switch 2900 Gigabit Family - 52 port (3CRBSG5293)\n3Com Baseline Plus Switch 2900G - 20 port (3CRBSG2093)\n3Com Baseline Plus Switch 2900G - 28 port (3CRBSG2893)\n3Com Baseline Plus Switch 2900G - 28HPWR (3CRBSG28HPWR93)\n3Com Baseline Plus Switch 2900G - 28PWR (3CRBSG28PWR93)\n\n1810v1 P2\n Fix in progress\nuse mitigations\n J9449A HP 1810-8G Switch\nJ9450A HP 1810-24G Switch\n\n1810v1 PK\n Fix in progress\nuse mitigations\n J9660A HP 1810-48G Switch\n\nMSR20\n Fix in progress\nuse mitigations\n JD432A HP A-MSR20-21 Multi-Service Router\nJD662A HP MSR20-20 Multi-Service Router\nJD663A HP MSR20-21 Multi-Service Router\nJD663B HP MSR20-21 Router\nJD664A HP MSR20-40 Multi-Service Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\nH3C MSR 20-20 (0235A19H)\nH3C MSR 20-21 (0235A325)\nH3C MSR 20-40 (0235A19K)\nH3C MSR-20-21 Router (0235A19J)\n\nMSR20-1X\n Fix in progress\nuse mitigations\n JD431A HP MSR20-10 Router\nJD667A HP MSR20-15 IW Multi-Service Router\nJD668A HP MSR20-13 Multi-Service Router\nJD669A HP MSR20-13 W Multi-Service Router\nJD670A HP MSR20-15 A Multi-Service Router\nJD671A HP MSR20-15 AW Multi-Service Router\nJD672A HP MSR20-15 I Multi-Service Router\nJD673A HP MSR20-11 Multi-Service Router\nJD674A HP MSR20-12 Multi-Service Router\nJD675A HP MSR20-12 W Multi-Service Router\nJD676A HP MSR20-12 T1 Multi-Service Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\nJG209A HP MSR20-12-T-W Router (NA)\nJG210A HP MSR20-13-W Router (NA)\n H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\nH3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-11 (0235A31V)\nH3C MSR 20-12 (0235A32E)\nH3C MSR 20-12 T1 (0235A32B)\nH3C MSR 20-13 (0235A31W)\nH3C MSR 20-13 W (0235A31X)\nH3C MSR 20-15 A (0235A31Q)\nH3C MSR 20-15 A W (0235A31R)\nH3C MSR 20-15 I (0235A31N)\nH3C MSR 20-15 IW (0235A31P)\nH3C MSR20-12 W (0235A32G)\n\nMSR30\n Fix in progress\nuse mitigations\n JD654A HP MSR30-60 POE Multi-Service Router\nJD657A HP MSR30-40 Multi-Service Router\nJD658A HP MSR30-60 Multi-Service Router\nJD660A HP MSR30-20 POE Multi-Service Router\nJD661A HP MSR30-40 POE Multi-Service Router\nJD666A HP MSR30-20 Multi-Service Router\nJF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF232A HP RT-MSR3040-AC-OVS-AS-H3\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S)\nH3C MSR 30-20 (0235A19L)\nH3C MSR 30-20 POE (0235A239)\nH3C MSR 30-40 (0235A20J)\nH3C MSR 30-40 POE (0235A25R)\nH3C MSR 30-60 (0235A20K)\nH3C MSR 30-60 POE (0235A25S)\nH3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V)\n\nMSR30-16\n Fix in progress\nuse mitigations\n JD659A HP MSR30-16 POE Multi-Service Router\nJD665A HP MSR30-16 Multi-Service Router\nJF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\nH3C MSR 30-16 (0235A237)\nH3C MSR 30-16 POE (0235A238)\n\nMSR30-1X\n Fix in progress\nuse mitigations\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\nH3C RT-MSR3011-AC-OVS-H3 (0235A29L)\n\nMSR50\n Fix in progress\nuse mitigations\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\n\nMSR50-G2\n Fix in progress\nuse mitigations\n JD429A HP MSR50 G2 Processor Module\nJD429B HP MSR50 G2 Processor Module\n H3C H3C MSR 50 Processor Module-G2 (0231A84Q)\nH3C MSR 50 High Performance Main Processing Unit 3GE (Combo)\n256F/1GD(0231A0KL)\n\nMSR20 Russian version\n Fix in progress\nuse mitigations\n JD663B HP MSR20-21 Router\nJF228A HP MSR20-40 Router\nJF283A HP MSR20-20 Router\n H3C RT-MSR2020-AC-OVS-H3C (0235A324)\nH3C RT-MSR2040-AC-OVS-H3 (0235A326)\n\nMSR20-1X Russian version\n Fix in progress\nuse mitigations\n JD431A HP MSR20-10 Router\nJF236A HP MSR20-15-I Router\nJF237A HP MSR20-15-A Router\nJF238A HP MSR20-15-I-W Router\nJF239A HP MSR20-11 Router\nJF240A HP MSR20-13 Router\nJF241A HP MSR20-12 Router\nJF806A HP MSR20-12-T Router\nJF807A HP MSR20-12-W Router\nJF808A HP MSR20-13-W Router\nJF809A HP MSR20-15-A-W Router\nJF817A HP MSR20-15 Router\n H3C MSR 20-10 (0235A0A7)\nH3C RT-MSR2015-AC-OVS-I-H3 (0235A394)\nH3C RT-MSR2015-AC-OVS-A-H3 (0235A392)\nH3C RT-MSR2015-AC-OVS-AW-H3 (0235A393)\nH3C RT-MSR2011-AC-OVS-H3 (0235A395)\nH3C RT-MSR2013-AC-OVS-H3 (0235A390)\nH3C RT-MSR2012-AC-OVS-H3 (0235A396)\nH3C RT-MSR2012-T-AC-OVS-H3 (0235A398)\nH3C RT-MSR2012-AC-OVS-W-H3 (0235A397)\nH3C RT-MSR2013-AC-OVS-W-H3 (0235A391)\nH3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V)\nH3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8)\n\nMSR30 Russian version\n Fix in progress\nuse mitigations\n JF229A HP MSR30-40 Router\nJF230A HP MSR30-60 Router\nJF235A HP MSR30-20 DC Router\nJF284A HP MSR30-20 Router\nJF287A HP MSR30-40 DC Router\nJF801A HP MSR30-60 DC Router\nJF802A HP MSR30-20 PoE Router\nJF803A HP MSR30-40 PoE Router\nJF804A HP MSR30-60 PoE Router\n H3C RT-MSR3040-AC-OVS-H (0235A299)\nH3C RT-MSR3060-AC-OVS-H3 (0235A320)\nH3C RT-MSR3020-DC-OVS-H3 (0235A267)\nH3C MSR 30-20 Router (0235A328)\nH3C MSR 30-40 Router Host(DC) (0235A268)\nH3C RT-MSR3060-DC-OVS-H3 (0235A269)\nH3C RT-MSR3020-AC-POE-OVS-H3 (0235A322)\nH3C RT-MSR3040-AC-POE-OVS-H3 (0235A323)\nH3C RT-MSR3060-AC-POE-OVS-H3 (0235A296)\n\nMSR30-1X Russian version\n Fix in progress\nuse mitigations\n JF800A HP MSR30-11 Router\nJF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr\nJG182A HP MSR30-11E Router\nJG183A HP MSR30-11F Router\nJG184A HP MSR30-10 DC Router\n H3C RT-MSR3011-AC-OVS-H3 (0235A29L)\nH3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H)\n\nMSR30-16 Russian version\n Fix in progress\nuse mitigations\n JF233A HP MSR30-16 Router\nJF234A HP MSR30-16 PoE Router\n H3C RT-MSR3016-AC-OVS-H3 (0235A327)\nH3C RT-MSR3016-AC-POE-OVS-H3 (0235A321)\n\nMSR50 Russian version\n Fix in progress\nuse mitigations\n JD433A HP MSR50-40 Router\nJD653A HP MSR50 Processor Module\nJD655A HP MSR50-40 Multi-Service Router\nJD656A HP MSR50-60 Multi-Service Router\nJF231A HP MSR50-60 Router\nJF285A HP MSR50-40 DC Router\nJF640A HP MSR50-60 Rtr Chassis w DC PwrSupply\n H3C MSR 50-40 Router (0235A297)\nH3C MSR 50 Processor Module (0231A791)\nH3C MSR 50-40 Chassis (0235A20N)\nH3C MSR 50-60 Chassis (0235A20L)\nH3C RT-MSR5060-AC-OVS-H3 (0235A298)\nH3C MSR5040-DC-OVS-H3C (0235A20P)\n\nMSR50 G2 Russian version\n Fix in progress\nuse mitigations\n JD429B HP MSR50 G2 Processor Module\n H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD\n(0231A0KL)\n\nMSR9XX\n Fix in progress\nuse mitigations\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\nJG207A HP MSR900-W Router (NA)\nJG208A HP MSR920-W Router (NA)\n H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b\n(0235A0C2)\nH3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\n\nMSR9XX Russian version\n Fix in progress\nuse mitigations\n JF812A HP MSR900 Router\nJF813A HP MSR920 Router\nJF814A HP MSR900-W Router\nJF815A HP MSR920 2FEWAN/8FELAN/.11b/g Rtr\n H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX)\nH3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0)\nH3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2)\nH3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4)\n\nMSR93X\n Fix in progress\nuse mitigations\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR93X Russian version\n Fix in progress\nuse mitigations\n JG511A HP MSR930 Router\nJG512A HP MSR930 Wireless Router\nJG513A HP MSR930 3G Router\nJG514A HP MSR931 Router\nJG515A HP MSR931 3G Router\nJG516A HP MSR933 Router\nJG517A HP MSR933 3G Router\nJG518A HP MSR935 Router\nJG519A HP MSR935 Wireless Router\nJG520A HP MSR935 3G Router\nJG531A HP MSR931 Dual 3G Router\nJG596A HP MSR930 4G LTE/3G CDMA Router\nJG597A HP MSR936 Wireless Router\nJG665A HP MSR930 4G LTE/3G WCDMA Global Router\nJG704A HP MSR930 4G LTE/3G WCDMA ATT Router\n\nMSR1000\n Fix in progress\nuse mitigations\n JG732A HP MSR1003-8 AC Router\n\nMSR2000\n Fix in progress\nuse mitigations\n JG411A HP MSR2003 AC Router\n\nMSR3000\n Fix in progress\nuse mitigations\n JG404A HP MSR3064 Router\nJG405A HP MSR3044 Router\nJG406A HP MSR3024 AC Router\nJG409A HP MSR3012 AC Router\nJG861A HP MSR3024 TAA-compliant AC Router\n\nMSR4000\n Fix in progress\nuse mitigations\n JG402A HP MSR4080 Router Chassis\nJG403A HP MSR4060 Router Chassis\nJG412A HP MSR4000 MPU-100 Main Processing Unit\n\nF5000\n Fix in progress\nuse mitigations\n JG216A HP F5000 Firewall Standalone Chassis\nJD259A HP A5000-A5 VPN Firewall Chassis\n H3C SecPath F5000-A5 Host System (0150A0AG)\n\nU200S and CS\n Fix in progress\nuse mitigations\n JD268A HP 200-CS UTM Appliance\nJD273A HP U200-S UTM Appliance\n H3C SecPath U200-S (0235A36N)\n\nU200A and M\n Fix in progress\nuse mitigations\n JD274A HP 200-M UTM Appliance\nJD275A HP U200-A UTM Appliance\n H3C SecPath U200-A (0235A36Q)\n\nF1000A and S\n Fix in progress\nuse mitigations\n JD270A HP S1000-S VPN Firewall Appliance\nJD271A HP S1000-A VPN Firewall Appliance\nJG213A HP F1000-S-EI VPN Firewall Appliance\nJG214A HP F1000-A-EI VPN Firewall Appliance\n\nSecBlade FW\n Fix in progress\nuse mitigations\n JC635A HP 12500 VPN Firewall Module\nJD245A HP 9500 VPN Firewall Module\nJD249A HP 10500/7500 Advanced VPN Firewall Mod\nJD250A HP 6600 Firewall Processing Rtr Module\nJD251A HP 8800 Firewall Processing Module\nJD255A HP 5820 VPN Firewall Module\n H3C S9500E SecBlade VPN Firewall Module (0231A0AV)\nH3C S7500E SecBlade VPN Firewall Module (0231A832)\nH3C SR66 Gigabit Firewall Module (0231A88A)\nH3C SR88 Firewall Processing Module (0231A88L)\nH3C S5820 SecBlade VPN Firewall Module (0231A94J)\n\nF1000E\n Fix in progress\nuse mitigations\n JD272A HP S1000-E VPN Firewall Appliance\n\nVSR1000\n Fix in progress\nuse mitigations\n JG810AAE HP VSR1001 Virtual Services Router\nJG811AAE HP VSR1001 Virtual Services Router\nJG812AAE HP VSR1004 Virtual Services Router\nJG813AAE HP VSR1008 Virtual Services Router\n\nWX5002/5004\n Fix in progress\nuse mitigations\n JD441A HP 5800 ACM for 64-256 APs\nJD447B HP WX5002 Access Controller\nJD448A HP A-WX5004 Access Controller\nJD448B HP WX5004 Access Controller\nJD469A HP A-WX5004 (3Com) Access Controller\nJG261A HP 5800 Access Controller OAA TAA Mod\n\nHP 850/870\n Fix in progress\nuse mitigations\n JG723A HP 870 Unified Wired-WLAN Appliance\nJG725A HP 870 Unifd Wrd-WLAN TAA Applnc\n\nHP 830\n Fix in progress\nuse mitigations\n JG640A HP 830 24P PoE+ Unifd Wired-WLAN Swch\nJG641A HP 830 8P PoE+ Unifd Wired-WLAN Swch\nJG646A HP 830 24-Port PoE+ Wrd-WLAN TAA Switch\nJG647A HP 830 8-Port PoE+ Wrd-WLAN TAA Switch\n\nHP 6000\n Fix in progress\nuse mitigations\n JG639A HP 10500/7500 20G Unified Wired-WLAN Mod\nJG645A HP 10500/7500 20G Unifd Wrd-WLAN TAA Mod\n\nM220\n Fix in progress\nuse mitigations\n J9798A HP M220 802.11n AM Access Point\nJ9799A HP M220 802.11n WW Access Point\n\nNGFW\n Fix in progress\nuse mitigations\n JC882A HP S1050F NGFW Aplnc w/DVLabs 1-yr Lic\nJC883A HP S3010F NGFW Aplnc w/DVLabs 1-yr Lic\nJC884A HP S3020F NGFW Aplnc w/DVLabs 1-yr Lic\nJC885A HP S8005F NGFW Aplnc w/DVLabs 1-yr Lic\nJC886A HP S8010F NGFW Aplnc w/DVLabs 1-yr Lic\n\niMC UAM 7.0\n Fix in progress\nuse mitigations\n JD144A HP IMC UAM S/W Module w/200-User License\nJF388A HP IMC UAM S/W Module w/200-user License\nJD435A HP IMC EAD Client Software\nJF388AAE HP IMC UAM S/W Module w/200-user E-LTU\nJG752AAE HP IMC UAM SW Mod w/ 50-user E-LTU\n\niMC EAD 7.0\n Fix in progress\nuse mitigations\n JF391AAE HP IMC EAD S/W Module w/200-user E-LTU\nJG754AAE HP IMC EAD SW Module w/ 50-user E-LTU\nJD147A HP IMC Endpoint Admission Defense Software Module with 200-user\nLicense\nJF391A HP IMC EAD S/W Module w/200-user License\n\niMC PLAT 7.0\n Fix in progress\nuse mitigations\n JF377AAE HP IMC Standard Edition Software Platform with 100-node E-LTU\nJG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU\nJG747AAE HP IMC Standard Software Platform with 50-node E-LTU\nJG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU\nJD125A HP IMC Standard Edition Software Platform with 100-node License\nJD815A HP IMC Standard Edition Software Platform with 100-node License\nJD816A HP A-IMC Standard Edition Software DVD Media\nJF377A HP IMC Standard Edition Software Platform with 100-node License\nJF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU\nJF289AAE HP Enterprise Management System to Intelligent Management Center\nUpgrade E-LTU\nTJ635AAE HP IMC for ANM 50 node pack SW E-LTU (On HP Softwares CPL\nnot HPNs)\nJF378AAE HP IMC Enterprise Edition Software Platform with 200-Node E-LTU\nJG748AAE HP IMC Enterprise Software Platform with 50-node E-LTU\nJD126A HP A-IMC Enterprise Software Platform with 200-node License\nJD808A HP A-IMC Enterprise Software Platform with 200-node License\nJD814A HP A-IMC Enterprise Edition Software DVD Media\nJF378A HP IMC Enterprise Edition Software Platform with 200-node License\nJG546AAE HP IMC Basic SW Platform w/50-node E-LTU\nJG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\nJG550AAE HP PMM to IMC Bsc WLM Upgr w/150 AP E-LTU\nJG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\nJG659AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU\nJG766AAE HP IMC Smart Connect Virtual Appliance Edition E-LTU\nJG660AAE HP IMC Smart Connect w / WLAN Manager Virtual Appliance Edition\nE-LTU\nJG767AAE HP IMC Smart Connect with Wireless Service Manager Virtual Appliance\nSoftware E-LTU\n\nHISTORY\nVersion:1 (rev.1) - 20 June 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.13 (GNU/Linux)\n\niEYEARECAAYFAlOkrM4ACgkQ4B86/C0qfVn7/QCeK5T1H9dXfVQgIKSr5USqLmvq\nCtMAnjujH7e5aXfIOvxyyuB0FcSwIWCM\n=CEL7\n-----END PGP SIGNATURE-----\n. \nOpenSSL is a 3rd party product that is embedded with some HP printer\nproducts. This bulletin notifies HP Printer customers about impacted\nproducts. To obtain the updated firmware, go to www.hp.com and follow\nthese steps:\n\nSelect \"Drivers \u0026 Software\". \nEnter the appropriate product name listed in the table below into the search\nfield. \nClick on \"Search\". \nClick on the appropriate product. \nUnder \"Select operating system\" click on \"Cross operating system (BIOS,\nFirmware, Diagnostics, etc.)\"\nNote: If the \"Cross operating system ...\" link is not present, select\napplicable Windows operating system from the list. \nSelect the appropriate firmware update under \"Firmware\". \n\nFirmware Updates Table\n\nProduct Name\n Model Number\n Firmware Revision\n\nHP Color LaserJet CM4540 MFP\n CC419A, CC420A, CC421A\n v 2302963_436067 (or higher)\n\nHP Color LaserJet CP5525\n CE707A,CE708A,CE709A\n v 2302963_436070 (or higher)\n\nHP Color LaserJet Enterprise M750\n D3L08A, D3L09A, D3L10A\n v 2302963_436077 (or higher)\n\nHP Color LaserJet M651\n CZ255A, CZ256A, CZ257A, CZ258A\n v 2302963_436073 (or higher)\n\nHP Color LaserJet M680\n CZ248A, CZ249A\n v 2302963_436072 (or higher)\n\nHP Color LaserJet Flow M680\n CZ250A, CA251A\n v 2302963_436072 (or higher)\n\nHP LaserJet Enterprise 500 color MFP M575dn\n CD644A, CD645A\n v 2302963_436081 (or higher)\n\nHP LaserJet Enterprise 500 MFP M525f\n CF116A, CF117A\n v 2302963_436069 (or higher)\n\nHP LaserJet Enterprise 600 M601 Series\n CE989A, CE990A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise 600 M602 Series\n CE991A, CE992A, CE993A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise 600 M603 Series\n CE994A, CE995A, CE996A\n v 2302963_436082 (or higher)\n\nHP LaserJet Enterprise MFP M630 series\n B3G84A, B3G85A, B3G86A, J7X28A\n v 2303714_233000041 (or higher)\n\nHP LaserJet Enterprise 700 color M775 series\n CC522A, CC523A, CC524A, CF304A\n v 2302963_436079 (or higher)\n\nHP LaserJet Enterprise 700 M712 series\n CF235A, CF236A, CF238A\n v 2302963_436080 (or higher)\n\nHP LaserJet Enterprise 800 color M855\n A2W77A, A2W78A, A2W79A\n v 2302963_436076 (or higher)\n\nHP LaserJet Enterprise 800 color MFP M880\n A2W76A, A2W75A, D7P70A, D7P71A\n v 2302963_436068 (or higher)\n\nHP LaserJet Enterprise Color 500 M551 Series\n CF081A,CF082A,CF083A\n v 2302963_436083 (or higher)\n\nHP LaserJet Enterprise color flow MFP M575c\n CD646A\n v 2302963_436081 (or higher)\n\nHP LaserJet Enterprise flow M830z MFP\n CF367A\n v 2302963_436071 (or higher)\n\nHP LaserJet Enterprise flow MFP M525c\n CF118A\n v 2302963_436069 (or higher)\n\nHP LaserJet Enterprise M4555 MFP\n CE502A,CE503A, CE504A, CE738A\n v 2302963_436064 (or higher)\n\nHP LaserJet Enterprise M806\n CZ244A, CZ245A\n v 2302963_436075 (or higher)\n\nHP LaserJet Enterprise MFP M725\n CF066A, CF067A, CF068A, CF069A\n v 2302963_436078 (or higher)\n\nHP Scanjet Enterprise 8500 Document Capture Workstation\n L2717A, L2719A\n v 2302963_436065 (or higher)\n\nOfficeJet Enterprise Color MFP X585\n B5L04A, B5L05A,B5L07A\n v 2302963_436066 (or higher)\n\nOfficeJet Enterprise Color X555\n C2S11A, C2S12A\n v 2302963_436074 (or higher)\n\nHP Color LaserJet CP3525\n CC468A, CC469A, CC470A, CC471A\n v 06.183.1 (or higher)\n\nHP LaserJet M4345 Multifunction Printer\n CB425A, CB426A, CB427A, CB428A\n v 48.306.1 (or higher)\n\nHP LaserJet M5025 Multifunction Printer\n Q7840A\n v 48.306.1 (or higher)\n\nHP Color LaserJet CM6040 Multifunction Printer\n Q3938A, Q3939A\n v 52.256.1 (or higher)\n\nHP Color LaserJet Enterprise CP4525\n CC493A, CC494A, CC495A\n v 07.164.1 (or higher)\n\nHP Color LaserJet Enterprise CP4025\n CC489A, CC490A\n v 07.164.1 (or higher)\n\nHP LaserJet M5035 Multifunction Printer\n Q7829A, Q7830A, Q7831A\n v 48.306.1 (or higher)\n\nHP LaserJet M9050 Multifunction Printer\n CC395A\n v 51.256.1 (or higher)\n\nHP LaserJet M9040 Multifunction Printer\n CC394A\n v 51.256.1 (or higher)\n\nHP Color LaserJet CM4730 Multifunction Printer\n CB480A, CB481A, CB482A, CB483A\n v 50.286.1 (or higher)\n\nHP LaserJet M3035 Multifunction Printer\n CB414A, CB415A, CC476A, CC477A\n v 48.306.1 (or higher)\n\nHP 9250c Digital Sender\n CB472A\n v 48.293.1 (or higher)\n\nHP LaserJet Enterprise P3015\n CE525A,CE526A,CE527A,CE528A,CE595A\n v 07.186.1 (or higher)\n\nHP LaserJet M3027 Multifunction Printer\n CB416A, CC479A\n v 48.306.1 (or higher)\n\nHP LaserJet CM3530 Multifunction Printer\n CC519A, CC520A\n v 53.236.1 (or higher)\n\nHP Color LaserJet CP6015\n Q3931A, Q3932A, Q3933A, Q3934A, Q3935A\n v 04.203.1 (or higher)\n\nHP LaserJet P4515\n CB514A,CB515A, CB516A, CB517A\n v 04.213.1 (or higher)\n\nHP Color LaserJet CM6030 Multifunction Printer\n CE664A, CE665A\n v 52.256.1 (or higher)\n\nHP LaserJet P4015\n CB509A, CB526A, CB511A, CB510A\n v 04.213.1 (or higher)\n\nHP LaserJet P4014\n CB507A, CB506A, CB512A\n v 04.213.1 (or higher)\n\nHISTORY\nVersion:1 (rev.1) - 22 September 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
},
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127136"
},
{
"db": "PACKETSTORM",
"id": "127841"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/978508",
"trust": 0.8,
"type": "poc"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0224",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#978508",
"trust": 2.1
},
{
"db": "JUNIPER",
"id": "JSA10629",
"trust": 1.3
},
{
"db": "MCAFEE",
"id": "SB10075",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "59215",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59441",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59784",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59885",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59495",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60049",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59375",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59132",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59446",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59827",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59380",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59490",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59655",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58713",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59365",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59451",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58639",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59666",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59916",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59055",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59530",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58615",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58939",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59721",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59287",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59502",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59529",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59450",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58579",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59338",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59824",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59310",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59202",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59990",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58977",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59449",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59135",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59518",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59163",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59429",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59445",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60567",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59300",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59447",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59362",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59231",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59389",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "61254",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59589",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59878",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59305",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60577",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59354",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59454",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59514",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59214",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59301",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59435",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58743",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58667",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59347",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59383",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59325",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59264",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59528",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59306",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58128",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59190",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58759",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58745",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59004",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59440",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59101",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59491",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59162",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59370",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59282",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59364",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59063",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59368",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59448",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58714",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59659",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59444",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59223",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59043",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59186",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58433",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59342",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59167",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59437",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59175",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59093",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60522",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59126",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59483",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58660",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59211",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59442",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59525",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59602",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59284",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58385",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59459",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58719",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60819",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59142",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58945",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59189",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59120",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "61815",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59438",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58337",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59894",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59374",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60571",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59012",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59191",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59192",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59506",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58742",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "60176",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59677",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59188",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59413",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "58716",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59661",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59669",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "59040",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1031032",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1031594",
"trust": 1.0
},
{
"db": "SIEMENS",
"id": "SSA-234763",
"trust": 1.0
},
{
"db": "DLINK",
"id": "SAP10045",
"trust": 0.3
},
{
"db": "DLINK",
"id": "SAP10046",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10643",
"trust": 0.3
},
{
"db": "JUNIPER",
"id": "JSA10659",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03F",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03G",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03B",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03C",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03",
"trust": 0.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-198-03D",
"trust": 0.3
},
{
"db": "JVN",
"id": "JVN61247051",
"trust": 0.3
},
{
"db": "BID",
"id": "67899",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2014-0224",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127386",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127607",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127841",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127166",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127190",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "128345",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127136"
},
{
"db": "PACKETSTORM",
"id": "127841"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"id": "VAR-201406-0445",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42688096370370365
},
"last_update_date": "2024-11-29T20:25:19.165000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Amazon Linux AMI: ALAS-2014-351",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-351"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=d0eef6c81e529a1b8e4ea4b72eaef4d0"
},
{
"title": "Amazon Linux AMI: ALAS-2014-350",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-350"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=b92b65104373bc8476811ff1b99cd369"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=a7d1e620ea07a6fd4d3ec24012763337"
},
{
"title": "Red Hat: CVE-2014-0224",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-0224"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-3"
},
{
"title": "HP: HPSBPI03107 rev.3 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03107"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-4"
},
{
"title": "Ubuntu Security Notice: openssl vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-1"
},
{
"title": "Ubuntu Security Notice: openssl regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2232-2"
},
{
"title": "Debian Security Advisories: DSA-2950-1 openssl -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=909292f2afe623fbec51f7ab6b32f790"
},
{
"title": "Debian CVElist Bug Report Logs: openssl: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=07d14df4883f21063a053cea8d2239c6"
},
{
"title": "Tenable Security Advisories: [R8] Tenable Products Affected by OpenSSL \u0027CCS Injection\u0027 Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-03"
},
{
"title": "Amazon Linux AMI: ALAS-2014-349",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-349"
},
{
"title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=eee4d8c3e2b11de5b15ee65d96af6c60"
},
{
"title": "Symantec Security Advisories: SA80 : OpenSSL Security Advisory 05-Jun-2014",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=dd4667746d163d08265dfdd4c98e4201"
},
{
"title": "Citrix Security Bulletins: Citrix Security Advisory for OpenSSL Vulnerabilities (June 2014)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=afbd3a710e98424e558b1b21482abad6"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2014-0224 "
},
{
"title": "crochet-technologies",
"trust": 0.1,
"url": "https://github.com/crochet-technology/crochet-technologies "
},
{
"title": "openssl-ccs-cve-2014-0224",
"trust": 0.1,
"url": "https://github.com/ssllabs/openssl-ccs-cve-2014-0224 "
},
{
"title": "android-development-best-practices",
"trust": 0.1,
"url": "https://github.com/niharika2810/android-development-best-practices "
},
{
"title": "ssl-grader",
"trust": 0.1,
"url": "https://github.com/SSLyze410-SSLGrader-wCipherSuite-info/ssl-grader "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/dtarnawsky/capacitor-plugin-security-provider "
},
{
"title": "qualysparser",
"trust": 0.1,
"url": "https://github.com/pr4jwal/qualysparser "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Wanderwille/13.01 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0224"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"trust": 2.1,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675821"
},
{
"trust": 2.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0006.html"
},
{
"trust": 1.6,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676615"
},
{
"trust": 1.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29217"
},
{
"trust": 1.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629"
},
{
"trust": 1.3,
"url": "http://support.citrix.com/article/ctx140876"
},
{
"trust": 1.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1"
},
{
"trust": 1.3,
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678167"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678233"
},
{
"trust": 1.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=kb29195"
},
{
"trust": 1.3,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html"
},
{
"trust": 1.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"trust": 1.3,
"url": "http://www.f-secure.com/en/web/labs_global/fsc-2014-6"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037730"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037727"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676071"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095757"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095756"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676833"
},
{
"trust": 1.3,
"url": "https://kb.bluecoat.com/index?page=content\u0026id=sa80"
},
{
"trust": 1.3,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10075"
},
{
"trust": 1.3,
"url": "http://www.fortiguard.com/advisory/fg-ir-14-018/"
},
{
"trust": 1.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140605-openssl"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"trust": 1.3,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020172"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675626"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0630.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0631.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0633.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0632.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0627.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0680.html"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095755"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095754"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683332"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676644"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676879"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676529"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677836"
},
{
"trust": 1.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095740"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677131"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676496"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676478"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037731"
},
{
"trust": 1.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037732"
},
{
"trust": 1.3,
"url": "http://www.kb.cert.org/vuls/id/978508"
},
{
"trust": 1.1,
"url": "http://www.freebsd.org/security/advisories/freebsd-sa-14:14.openssl.asc"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401858"
},
{
"trust": 1.1,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0625.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2014/jun/38"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59666"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1iv61506"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59669"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/site/blogs/766093/posts/908133"
},
{
"trust": 1.0,
"url": "http://support.apple.com/kb/ht6443"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60049"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58939"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58945"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58759"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58742"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59264"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676845"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58639"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"trust": 1.0,
"url": "http://linux.oracle.com/errata/elsa-2014-1053.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.blackberry.com/btsc/kb36051"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59677"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59365"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59446"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58714"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59502"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59878"
},
{
"trust": 1.0,
"url": "http://www.innominate.com/data/downloads/manuals/mdm_1.5.2.1_release_notes.pdf"
},
{
"trust": 1.0,
"url": "https://www.imperialviolet.org/2014/06/05/earlyccs.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59589"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136473.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58716"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59444"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59347"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59459"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140431828824371\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59354"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59093"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59287"
},
{
"trust": 1.0,
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59101"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037761"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140604261522465\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58713"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037870"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140784085708882\u0026w=2"
},
{
"trust": 1.0,
"url": "http://dev.mysql.com/doc/relnotes/workbench/en/wb-news-6-1-7.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59454"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-201407-05.xml"
},
{
"trust": 1.0,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_mssql.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59374"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60571"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59342"
},
{
"trust": 1.0,
"url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59441"
},
{
"trust": 1.0,
"url": "http://www.splunk.com/view/sp-caaam2d"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59162"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59301"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60176"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-august/136470.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59990"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59490"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677527"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59529"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141147110427269\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59827"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59231"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59824"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141658880509699\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58977"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59202"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59514"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59450"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58433"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58579"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58337"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59305"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60819"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59012"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59375"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59518"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2"
},
{
"trust": 1.0,
"url": "http://puppetlabs.com/security/cve/cve-2014-0224"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59120"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59445"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140870499402361\u0026w=2"
},
{
"trust": 1.0,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59338"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59525"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60577"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 1.0,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103586"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg24037783"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59440"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140499864129699\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59447"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140983229106599\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1031594"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59132"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59370"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59310"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59142"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59483"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141383410222440\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59448"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59282"
},
{
"trust": 1.0,
"url": "http://ccsinjection.lepidum.co.jp"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/61254"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59784"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2014-0012.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59721"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140852826008699\u0026w=2"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59885"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59491"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/61815"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140544599631400\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59528"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60522"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58128"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140491231331543\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59306"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:105"
},
{
"trust": 1.0,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6060\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.0,
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59389"
},
{
"trust": 1.0,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=6061\u0026myns=phmc\u0026mync=e"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58743"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59530"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1031032"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59191"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140369637402535\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59449"
},
{
"trust": 1.0,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095737"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59413"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58660"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59063"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59135"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59040"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59364"
},
{
"trust": 1.0,
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commit%3bh=bc8923b1ec9c467755cd86f7848c50ee8812e441"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59602"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58719"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59211"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59368"
},
{
"trust": 1.0,
"url": "https://www.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59192"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58667"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59215"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59495"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140386311427810\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676334"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59659"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59661"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58745"
},
{
"trust": 1.0,
"url": "http://www.tenable.com/blog/nessus-527-and-pvs-403-are-available-for-download"
},
{
"trust": 1.0,
"url": "https://www.intersectalliance.com/wp-content/uploads/release_notes/releasenotes_for_snare_for_windows.pdf"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60066"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=142350350616251\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59435"
},
{
"trust": 1.0,
"url": "https://discussions.nessus.org/thread/7517"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59043"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59300"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59163"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59126"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59189"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59223"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59655"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0626.html"
},
{
"trust": 1.0,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0624.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59437"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 1.0,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"trust": 1.0,
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/941-security-advisory-0005"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58615"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677390"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59451"
},
{
"trust": 1.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59188"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59167"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59442"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59916"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59362"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59894"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/60567"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59190"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59325"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59004"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141164638606214\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59506"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140794476212181\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"trust": 1.0,
"url": "https://filezilla-project.org/versions.php?type=server"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141025641601169\u0026w=2"
},
{
"trust": 1.0,
"url": "https://www.novell.com/support/kb/doc.php?id=7015271"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59380"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140672208601650\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59175"
},
{
"trust": 1.0,
"url": "http://esupport.trendmicro.com/solution/en-us/1103813.aspx"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59214"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:106"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=140852757108392\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59429"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2014/dec/23"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59438"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59383"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/59055"
},
{
"trust": 1.0,
"url": "http://www.kerio.com/support/kerio-control/release-history"
},
{
"trust": 0.8,
"url": "http://ccsinjection.lepidum.co.jp/"
},
{
"trust": 0.8,
"url": "http://ccsinjection.lepidum.co.jp/blog/2014-06-05/ccs-injection-en/index.html"
},
{
"trust": 0.8,
"url": "https://plus.google.com/app/basic/stream/z12xhp3hbzbhhjgfm22ncvtbeua1dpaa004"
},
{
"trust": 0.8,
"url": "http://support.attachmate.com/techdocs/2700.html"
},
{
"trust": 0.8,
"url": "https://www.debian.org/security/2014/dsa-2950"
},
{
"trust": 0.8,
"url": "https://admin.fedoraproject.org/updates/openssl-1.0.1e-38.fc19"
},
{
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/av14-002.html"
},
{
"trust": 0.8,
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/3566"
},
{
"trust": 0.8,
"url": "http://linux.oracle.com/errata/elsa-2014-0625.html"
},
{
"trust": 0.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00003.html"
},
{
"trust": 0.8,
"url": "http://www.ubuntu.com/usn/usn-2232-1/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0224"
},
{
"trust": 0.7,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.7,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.7,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0221"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3470"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0195"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10045"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032618"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/en-us/support/knowledgebase/121112.aspx"
},
{
"trust": 0.3,
"url": "http://sylpheed.sraoss.jp/en/news.html"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list\u0026showdraft=false"
},
{
"trust": 0.3,
"url": "http://www.arubanetworks.com/support/alerts/aid-06062014.txt"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html"
},
{
"trust": 0.3,
"url": "http://blogs.citrix.com/2014/06/06/citrix-security-advisory-for-openssl-vulnerabilities-june-2014/"
},
{
"trust": 0.3,
"url": "http://bugs.python.org/issue21671"
},
{
"trust": 0.3,
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=sap10046"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004805"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2014/aug/att-93/esa-2014-079.txt"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04438404"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687640"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21682840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678123"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678073"
},
{
"trust": 0.3,
"url": "http://www.websense.com/support/article/kbarticle/july-2014-hotfix-summary-for-websense-solutions"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10643\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://jvn.jp/en/jp/jvn61247051/index.html"
},
{
"trust": 0.3,
"url": "http://openssl.org/"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/10/openssl-man-in-the-middle-vulnerability-sophos-product-status-2/"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181245"
},
{
"trust": 0.3,
"url": "http://www.innominate.com/data/downloads/software/innominate_security_advisory_20140606_001_en.pdf"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004758"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004747"
},
{
"trust": 0.3,
"url": "http://openvpn.net/index.php/open-source/downloads.html"
},
{
"trust": 0.3,
"url": "http://www8.hp.com/us/en/software-solutions/operations-analytics-operations-analysis/"
},
{
"trust": 0.3,
"url": "http://www.ibm.com/support/docview.wss?uid=swg21686583"
},
{
"trust": 0.3,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/06/05/security-advisory-openssl-vulnerabilities-cve-2014-0224-cve-2014-0221-in-metasploit"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685551"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5096059"
},
{
"trust": 0.3,
"url": "http://blogs.splunk.com/2014/06/09/splunk-and-the-latest-openssl-vulnerabilities/"
},
{
"trust": 0.3,
"url": "http://www.marshut.com/ixwnpv/stunnel-5-02-released.html"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/16/utm-up2date-9-113-released/"
},
{
"trust": 0.3,
"url": "http://blogs.sophos.com/2014/06/18/utm-up2date-9-203-released/"
},
{
"trust": 0.3,
"url": " https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04404764"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04385138"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181099"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/101007404"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100180978"
},
{
"trust": 0.3,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-198-03"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/21"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/mar/9"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10659"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03d"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03g"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181096"
},
{
"trust": 0.3,
"url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=98ec479ee69ccb916d2ea4b09943faf5?nocount=true\u0026externalid=kb36051\u0026sliceid=1\u0026cmd=\u0026forward=nonthreadedkc\u0026command=show\u0026kcid=kb36051\u0026viewe"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678040"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1it02314"
},
{
"trust": 0.3,
"url": "http://kb.parallels.com/en/121916"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24036409"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032650#5.0.0.15"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032651"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034955"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020948"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04355095"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04397114"
},
{
"trust": 0.3,
"url": " https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04479505"
},
{
"trust": 0.3,
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04512909"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04343424"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368264"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347622"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04345210"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04347711"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349175"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349789"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04349897"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docdisplay?docid=emr_na-c04351097"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04363613"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04368546"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04370307"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04378799"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04379485"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04392919"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04398968"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04401666"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04337774"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04451722"
},
{
"trust": 0.3,
"url": "https://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?spf_p.tpst=kbdocdisplay\u0026spf_p.prp_kbdocdisplay=wsrp-navigationalstate%3ddocid%253demr_na-c04406535-1%257cdoclocale%253d%"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docdisplay?docid=emr_na-c04425253"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04595094"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05301946"
},
{
"trust": 0.3,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04336637"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001840"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181215"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg24037729"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095940"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678413"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680706,swg21680707,nas8n1020200,swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680707,nas8n1020200,swg21680511,swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004830"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676889"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676673"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678660"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676041"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21680439,swg21680673,swg21680546"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677891"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676536"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095910"
},
{
"trust": 0.3,
"url": "https://www.xerox.com/download/security/security-bulletin/33a01-5228bdf5d027e/cert_security_mini-_bulletin_xrx15ao_for_cq8570-cq8870_v1-0.pdf"
},
{
"trust": 0.3,
"url": "http://www.novell.com/support/kb/doc.php?id=7015158"
},
{
"trust": 0.3,
"url": "http://securityadvisories.paloaltonetworks.com/home/detail/23?aspxautodetectcookiesupport=1"
},
{
"trust": 0.3,
"url": "https://bto.bluecoat.com/security-advisory/sa80"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181079"
},
{
"trust": 0.3,
"url": "https://downloads.avaya.com/css/p8/documents/100181566"
},
{
"trust": 0.3,
"url": "https://library.netapp.com/ecm/ecm_get_file/ecmp1636026"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020200"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676356"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676276"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676786"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2014-0629.html"
},
{
"trust": 0.3,
"url": "http://forums.alienvault.com/discussion/3054/security-advisory-alienvault-v4-10-0-addresses-several-vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-345106.htm"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676793"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021009"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676840"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677225"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682398"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095738"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=nas8n1020163"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21683336"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678104"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682023"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021064"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682026"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682025"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682024"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21677080"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676877"
},
{
"trust": 0.3,
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095841"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21690128"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004678"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004824"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004690"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676542"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676543"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004744"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676333"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21678289"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004695"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676708"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21676505"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03b"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03c"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-198-03f"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020976"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1020952"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1007987"
},
{
"trust": 0.3,
"url": "http://googlechromereleases.blogspot.com/2014/06/stable-channel-update-for-chrome-os.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001842"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001839"
},
{
"trust": 0.3,
"url": "https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004821"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1s1004670"
},
{
"trust": 0.3,
"url": "www-01.ibm.com/support/docview.wss?uid=ssg1s1004671"
},
{
"trust": 0.3,
"url": "http://www.ubuntu.com/usn/usn-2232-4/"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10629\u0026cat=sirt_1\u0026actp=list"
},
{
"trust": 0.3,
"url": "http://winscp.net/eng/docs/history#5.5.4"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0076"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0198"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5298"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_n"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2014-0076"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/904433"
},
{
"trust": 0.1,
"url": "http://www.hp.com/jp/icewall_patchaccess"
},
{
"trust": 0.1,
"url": "http://h18013.www1.hp.com/products/servers/management/fpdownload.html"
},
{
"trust": 0.1,
"url": "http://h17007.www1.hp.com/us/en/enterprise/servers/solutions/info-library/ind"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00073"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00074"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00070"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00076"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00079"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00071"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00075"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00078"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00072"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/hpcit_00077"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayp"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/exsc_00017"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/exsc_00015"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/selfsolve/document/lid/exsc_00016"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-3"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2232-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1e-3ubuntu1.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1332643"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.19"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=c03536"
},
{
"trust": 0.1,
"url": "https://www.hp.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127136"
},
{
"db": "PACKETSTORM",
"id": "127841"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#978508"
},
{
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"db": "BID",
"id": "67899"
},
{
"db": "PACKETSTORM",
"id": "127386"
},
{
"db": "PACKETSTORM",
"id": "127607"
},
{
"db": "PACKETSTORM",
"id": "127936"
},
{
"db": "PACKETSTORM",
"id": "127136"
},
{
"db": "PACKETSTORM",
"id": "127841"
},
{
"db": "PACKETSTORM",
"id": "127166"
},
{
"db": "PACKETSTORM",
"id": "127190"
},
{
"db": "PACKETSTORM",
"id": "128345"
},
{
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-05T00:00:00",
"db": "CERT/CC",
"id": "VU#978508"
},
{
"date": "2014-06-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"date": "2014-06-05T00:00:00",
"db": "BID",
"id": "67899"
},
{
"date": "2014-07-09T04:03:23",
"db": "PACKETSTORM",
"id": "127386"
},
{
"date": "2014-07-24T23:47:46",
"db": "PACKETSTORM",
"id": "127607"
},
{
"date": "2014-08-20T15:18:26",
"db": "PACKETSTORM",
"id": "127936"
},
{
"date": "2014-06-17T23:11:00",
"db": "PACKETSTORM",
"id": "127136"
},
{
"date": "2014-08-12T20:56:59",
"db": "PACKETSTORM",
"id": "127841"
},
{
"date": "2014-06-24T00:52:51",
"db": "PACKETSTORM",
"id": "127166"
},
{
"date": "2014-06-24T01:45:14",
"db": "PACKETSTORM",
"id": "127190"
},
{
"date": "2014-09-22T16:56:00",
"db": "PACKETSTORM",
"id": "128345"
},
{
"date": "2014-06-05T21:55:07.817000",
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-27T00:00:00",
"db": "CERT/CC",
"id": "VU#978508"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0224"
},
{
"date": "2017-10-19T03:03:00",
"db": "BID",
"id": "67899"
},
{
"date": "2024-11-21T02:01:41",
"db": "NVD",
"id": "CVE-2014-0224"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "67899"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL is vulnerable to a man-in-the-middle attack",
"sources": [
{
"db": "CERT/CC",
"id": "VU#978508"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "67899"
}
],
"trust": 0.3
}
}
var-200110-0176
Vulnerability from variot
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340. This vulnerability may allow an attacker to forge RSA signatures. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA22679
VERIFY ADVISORY: http://secunia.com/advisories/22679/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.
The vulnerability is reported in the driver on a PowerBook running version 10.4.8.
SOLUTION: Do not place the card into active scanning mode.
PROVIDED AND/OR DISCOVERED BY: H D Moore
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
This update provides the latest Thunderbird to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748 http://www.mozilla.org/security/announce/2006/mfsa2006-65.html http://www.mozilla.org/security/announce/2006/mfsa2006-66.html http://www.mozilla.org/security/announce/2006/mfsa2006-67.html
Updated Packages:
Mandriva Linux 2007.0: 488e65dfe45ecf7e3a9e1a3dedd5c2ce 2007.0/i586/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.i586.rpm 5e551ab45061148722dda1d7ce66959e 2007.0/i586/mozilla-thunderbird-bg-1.5.0.8-1.1mdv2007.0.i586.rpm 2149a7fd629b8bc6843c6fdf1bb49efb 2007.0/i586/mozilla-thunderbird-ca-1.5.0.8-1.1mdv2007.0.i586.rpm 0d2315b490e3b8dd2ab791bd6c3ee516 2007.0/i586/mozilla-thunderbird-cs-1.5.0.8-1.1mdv2007.0.i586.rpm d5583d1b99b948c90e1cad62d753d67d 2007.0/i586/mozilla-thunderbird-da-1.5.0.8-1.1mdv2007.0.i586.rpm 00ec607c39d3de4c589997d6c7ee6679 2007.0/i586/mozilla-thunderbird-de-1.5.0.8-1.1mdv2007.0.i586.rpm 6d1f0f2576362a0bb90b4f9d8c4f2153 2007.0/i586/mozilla-thunderbird-devel-1.5.0.8-1.1mdv2007.0.i586.rpm 2cb0e44d2e3f7fddd60249843204403f 2007.0/i586/mozilla-thunderbird-el-1.5.0.8-1.1mdv2007.0.i586.rpm 0c3c771882698d5651775aeed24bfd73 2007.0/i586/mozilla-thunderbird-enigmail-1.5.0.8-1.1mdv2007.0.i586.rpm 477ca905391c1d555d0136d46d557869 2007.0/i586/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1mdv2007.0.i586.rpm 741811dd392d942b27e1b3b0de695d4e 2007.0/i586/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1mdv2007.0.i586.rpm 7c2c4922c6a2c6ce2cb6108a95f7dbfa 2007.0/i586/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1mdv2007.0.i586.rpm 7cbf9f3218d587ef97edf01f2298096b 2007.0/i586/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1mdv2007.0.i586.rpm 7dbd9e4c16db82a761a7b502c1f7f22d 2007.0/i586/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1mdv2007.0.i586.rpm b6dd6119216f6b748ee7c1570c3b8c37 2007.0/i586/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1mdv2007.0.i586.rpm 1eea732e08ca0ef96796c3f50abb1f77 2007.0/i586/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1mdv2007.0.i586.rpm e1cc5cf2496581d776bb43e2f0dbbea6 2007.0/i586/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1mdv2007.0.i586.rpm af86ce82ff9053250f82f2215c8dd7e5 2007.0/i586/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1mdv2007.0.i586.rpm 6319633c561c7f68c6614685126da02b 2007.0/i586/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1mdv2007.0.i586.rpm 56387829c6cc83882246e68e3b8704b0 2007.0/i586/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1mdv2007.0.i586.rpm 56cb838bb0c375f53d3cff2eb76a1118 2007.0/i586/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1mdv2007.0.i586.rpm 253500598ff56ab85394e68708ace21d 2007.0/i586/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1mdv2007.0.i586.rpm 53b4d4f1aa4e8174a33a0ed436ce961a 2007.0/i586/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1mdv2007.0.i586.rpm fb9dd6933d27029538cd01a64ec55cee 2007.0/i586/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1mdv2007.0.i586.rpm 701b9837303a3ed79e6c74c037c28926 2007.0/i586/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1mdv2007.0.i586.rpm b3739c1344770e92864c50f131f08884 2007.0/i586/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1mdv2007.0.i586.rpm 1efe7ebc2a71e2f2d6c2785026a6e7ac 2007.0/i586/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1mdv2007.0.i586.rpm 6860352b37999652aab785a266673e2f 2007.0/i586/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1mdv2007.0.i586.rpm 51abe323b14793097935b0c221e64f71 2007.0/i586/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1mdv2007.0.i586.rpm b8ec884437a460c9fbb5c71db6a46c31 2007.0/i586/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1mdv2007.0.i586.rpm 9ae4fb1871ee29f3f7b52210c0cf4e1b 2007.0/i586/mozilla-thunderbird-es-1.5.0.8-1.1mdv2007.0.i586.rpm e1a31b03ffef8e86df09579296fce3c9 2007.0/i586/mozilla-thunderbird-es_AR-1.5.0.8-1.1mdv2007.0.i586.rpm 6b4bdbb4648231b128655e56015621c7 2007.0/i586/mozilla-thunderbird-eu-1.5.0.8-1.1mdv2007.0.i586.rpm d333252ee1ba51351762e4050565ecb1 2007.0/i586/mozilla-thunderbird-fi-1.5.0.8-1.1mdv2007.0.i586.rpm 0a2828dbab70a2be0e721cc016f93d7f 2007.0/i586/mozilla-thunderbird-fr-1.5.0.8-1.1mdv2007.0.i586.rpm defa2ac291c66f693946362bd2501c40 2007.0/i586/mozilla-thunderbird-ga-1.5.0.8-1.1mdv2007.0.i586.rpm c5540aa8289eefbf3e708e442de77aa8 2007.0/i586/mozilla-thunderbird-gu_IN-1.5.0.8-1.1mdv2007.0.i586.rpm 45da9968c4661ef994ef1dcefd0ad54f 2007.0/i586/mozilla-thunderbird-he-1.5.0.8-1.1mdv2007.0.i586.rpm df8d2ea1013a65457aa1f2100060d968 2007.0/i586/mozilla-thunderbird-hu-1.5.0.8-1.1mdv2007.0.i586.rpm f87f2441b2ca36d4f5c3f3f2dd04b3bb 2007.0/i586/mozilla-thunderbird-it-1.5.0.8-1.1mdv2007.0.i586.rpm bc3a281fbc5c09b7f962dfb1d3b9e517 2007.0/i586/mozilla-thunderbird-ja-1.5.0.8-1.1mdv2007.0.i586.rpm 2563050985477697472069d08e96de0f 2007.0/i586/mozilla-thunderbird-ko-1.5.0.8-1.1mdv2007.0.i586.rpm e22be985ae58ab3eba5b90aa6a3eb58e 2007.0/i586/mozilla-thunderbird-lt-1.5.0.8-1.1mdv2007.0.i586.rpm fde0d1b9c4feee3c1e239345f4065090 2007.0/i586/mozilla-thunderbird-mk-1.5.0.8-1.1mdv2007.0.i586.rpm 10be2386887a6c70bc4f9c0453b33072 2007.0/i586/mozilla-thunderbird-nb-1.5.0.8-1.1mdv2007.0.i586.rpm 1c92d5ee79fc52ec1525f3c96dfa1916 2007.0/i586/mozilla-thunderbird-nl-1.5.0.8-1.1mdv2007.0.i586.rpm 42e6ddb4a33a297c71b996bf651a4d69 2007.0/i586/mozilla-thunderbird-pa_IN-1.5.0.8-1.1mdv2007.0.i586.rpm 96394d1245284a886b954bb063c0ab5b 2007.0/i586/mozilla-thunderbird-pl-1.5.0.8-1.1mdv2007.0.i586.rpm 8386317130e064260bd8b114616410ed 2007.0/i586/mozilla-thunderbird-pt_BR-1.5.0.8-1.1mdv2007.0.i586.rpm eb622e8adc0767e090a608e80a1611b7 2007.0/i586/mozilla-thunderbird-ru-1.5.0.8-1.1mdv2007.0.i586.rpm 3ca6736aaf725851a0be21f0490aeb20 2007.0/i586/mozilla-thunderbird-sk-1.5.0.8-1.1mdv2007.0.i586.rpm 47b16b8c45acc936b62051594ed87c69 2007.0/i586/mozilla-thunderbird-sl-1.5.0.8-1.1mdv2007.0.i586.rpm c2e742162882c52761040025ff4ddfff 2007.0/i586/mozilla-thunderbird-sv-1.5.0.8-1.1mdv2007.0.i586.rpm 072c5224bd49a45ba7ab0a57f657ec6e 2007.0/i586/mozilla-thunderbird-tr-1.5.0.8-1.1mdv2007.0.i586.rpm 3393e810730d305adc4fe8ecc98b782a 2007.0/i586/mozilla-thunderbird-zh_CN-1.5.0.8-1.1mdv2007.0.i586.rpm 70882501b0fc01a56cee67c2b7c63ac5 2007.0/i586/nsinstall-1.5.0.8-1.1mdv2007.0.i586.rpm e408368ca02e7efbbece9adbaaea7d56 2007.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.src.rpm 7867a124b85e4a8098ec7b814267c1f5 2007.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1mdv2007.0.src.rpm e776e0c4c5a6ff592af0c346bf8b4511 2007.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 47aa8c7af46ee44f1b51e0f44772beeb 2007.0/x86_64/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.x86_64.rpm e284b46733e04ab96cccb612de04e5a8 2007.0/x86_64/mozilla-thunderbird-bg-1.5.0.8-1.1mdv2007.0.x86_64.rpm e73efd093c48aa82d6f73025f1ade443 2007.0/x86_64/mozilla-thunderbird-ca-1.5.0.8-1.1mdv2007.0.x86_64.rpm ed790bdd1a45343b427925765f5f2b5c 2007.0/x86_64/mozilla-thunderbird-cs-1.5.0.8-1.1mdv2007.0.x86_64.rpm 61690a97ef04b6083693ffe4a9ab3176 2007.0/x86_64/mozilla-thunderbird-da-1.5.0.8-1.1mdv2007.0.x86_64.rpm 889574eda89385739aad6eda7f3d2604 2007.0/x86_64/mozilla-thunderbird-de-1.5.0.8-1.1mdv2007.0.x86_64.rpm ef9b59cdd619da74737b5e91e4067386 2007.0/x86_64/mozilla-thunderbird-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm e20a88ece32f8ee81aaedd828558d880 2007.0/x86_64/mozilla-thunderbird-el-1.5.0.8-1.1mdv2007.0.x86_64.rpm 250f6f86984922da278774d480ba37a7 2007.0/x86_64/mozilla-thunderbird-enigmail-1.5.0.8-1.1mdv2007.0.x86_64.rpm f683dba38c9055cbac36f8468e357ebf 2007.0/x86_64/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1mdv2007.0.x86_64.rpm 6594d0bb3f7770f168728827c1cf9f83 2007.0/x86_64/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1mdv2007.0.x86_64.rpm 1ee011c3c94c7b081f53b9a55996da0c 2007.0/x86_64/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1mdv2007.0.x86_64.rpm be24dd32e628b8294c1b87d200cf02dd 2007.0/x86_64/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1mdv2007.0.x86_64.rpm 020acf8e510080a701c6278c6eb862ae 2007.0/x86_64/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1mdv2007.0.x86_64.rpm af4c92e4f3eaf833111572ead14c8c04 2007.0/x86_64/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1mdv2007.0.x86_64.rpm 7483c3a55198fcbc9be2c9750919a370 2007.0/x86_64/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1mdv2007.0.x86_64.rpm 753acdb58e6400659dab48ff78f371e7 2007.0/x86_64/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1mdv2007.0.x86_64.rpm fb83f542bd12edda5e85d9873a08a938 2007.0/x86_64/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1mdv2007.0.x86_64.rpm 996bbfb13654cfc2180036ea6b1e61df 2007.0/x86_64/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1mdv2007.0.x86_64.rpm ff6217b99ab96a1444b6a758bf184ecf 2007.0/x86_64/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1mdv2007.0.x86_64.rpm f15d9f053011068deba71fdc05dc6d46 2007.0/x86_64/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1mdv2007.0.x86_64.rpm 98f63b0dedef781ec16f8bebb6a032cb 2007.0/x86_64/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1mdv2007.0.x86_64.rpm e5e42bb849d26a4f59fb6204d6ed9850 2007.0/x86_64/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1mdv2007.0.x86_64.rpm 8bc9d56d4778baf40b115eb805a506b3 2007.0/x86_64/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1mdv2007.0.x86_64.rpm 21c7d7ffd14a724e4ce9d96e99d0f3c7 2007.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1mdv2007.0.x86_64.rpm 9b115831c8ae36d7141c93a9d867d445 2007.0/x86_64/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1mdv2007.0.x86_64.rpm d6efb3cdaba13c17dd31147011796614 2007.0/x86_64/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1mdv2007.0.x86_64.rpm 4239765036a0bffaa4fcff9fb076a221 2007.0/x86_64/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1mdv2007.0.x86_64.rpm be87cc456600cb0dc18730ae3f75af92 2007.0/x86_64/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1mdv2007.0.x86_64.rpm 459367e42865a1de4374d2a9b8c36232 2007.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1mdv2007.0.x86_64.rpm 1e1b30720806b2c6ab650251f9756127 2007.0/x86_64/mozilla-thunderbird-es-1.5.0.8-1.1mdv2007.0.x86_64.rpm 70c5525bea63d291374706abfb4523c4 2007.0/x86_64/mozilla-thunderbird-es_AR-1.5.0.8-1.1mdv2007.0.x86_64.rpm 4addf81f6fdb0fe55d2274ba726d066e 2007.0/x86_64/mozilla-thunderbird-eu-1.5.0.8-1.1mdv2007.0.x86_64.rpm 9c9a1e6a7623a712f40666e77fd3f2b4 2007.0/x86_64/mozilla-thunderbird-fi-1.5.0.8-1.1mdv2007.0.x86_64.rpm 9cd9d0509bbe4d0bc7c092118253c237 2007.0/x86_64/mozilla-thunderbird-fr-1.5.0.8-1.1mdv2007.0.x86_64.rpm b23236fc11caa38b1354893f1e9863e1 2007.0/x86_64/mozilla-thunderbird-ga-1.5.0.8-1.1mdv2007.0.x86_64.rpm c5b898d7f04c26a34bb4223ee4547586 2007.0/x86_64/mozilla-thunderbird-gu_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm 8e114fec014131d472790035a1509783 2007.0/x86_64/mozilla-thunderbird-he-1.5.0.8-1.1mdv2007.0.x86_64.rpm 3eda3b36a83c550a1f52faf6adfb0b10 2007.0/x86_64/mozilla-thunderbird-hu-1.5.0.8-1.1mdv2007.0.x86_64.rpm c336cc525567465d1649ee55c604d3a3 2007.0/x86_64/mozilla-thunderbird-it-1.5.0.8-1.1mdv2007.0.x86_64.rpm 476f974ea2e3b9ef971231b8b08e62f0 2007.0/x86_64/mozilla-thunderbird-ja-1.5.0.8-1.1mdv2007.0.x86_64.rpm 7878332de8134b9025b924315d6ffbf6 2007.0/x86_64/mozilla-thunderbird-ko-1.5.0.8-1.1mdv2007.0.x86_64.rpm 7602f9099c26d60e934f54918dd38e46 2007.0/x86_64/mozilla-thunderbird-lt-1.5.0.8-1.1mdv2007.0.x86_64.rpm 52ba4b91175db4376fd4c4e9018969c3 2007.0/x86_64/mozilla-thunderbird-mk-1.5.0.8-1.1mdv2007.0.x86_64.rpm 1e2bc31ee83c5c47f06953aba976a27d 2007.0/x86_64/mozilla-thunderbird-nb-1.5.0.8-1.1mdv2007.0.x86_64.rpm 47b180beb65802e89f7e6a8be7f33d15 2007.0/x86_64/mozilla-thunderbird-nl-1.5.0.8-1.1mdv2007.0.x86_64.rpm 6485a71b5d07fef3e337630aa53bb4c6 2007.0/x86_64/mozilla-thunderbird-pa_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm 6b5df9cad533fc75fc47191df5f3dabf 2007.0/x86_64/mozilla-thunderbird-pl-1.5.0.8-1.1mdv2007.0.x86_64.rpm 99b61d660a72eff639f78ec0422aeaf2 2007.0/x86_64/mozilla-thunderbird-pt_BR-1.5.0.8-1.1mdv2007.0.x86_64.rpm 99cfe247978fe85b5b5186bf12247f3a 2007.0/x86_64/mozilla-thunderbird-ru-1.5.0.8-1.1mdv2007.0.x86_64.rpm 8c393629997cea717c2f1e8d077a9344 2007.0/x86_64/mozilla-thunderbird-sk-1.5.0.8-1.1mdv2007.0.x86_64.rpm be518e4b4833e6cb9d083871101be35b 2007.0/x86_64/mozilla-thunderbird-sl-1.5.0.8-1.1mdv2007.0.x86_64.rpm 8dedff0ffd0e7b7721b256f01821f188 2007.0/x86_64/mozilla-thunderbird-sv-1.5.0.8-1.1mdv2007.0.x86_64.rpm 05202d61506a60981fb9a317ce6a5d5d 2007.0/x86_64/mozilla-thunderbird-tr-1.5.0.8-1.1mdv2007.0.x86_64.rpm 0deda88ec857fb0c11b57555814a20ec 2007.0/x86_64/mozilla-thunderbird-zh_CN-1.5.0.8-1.1mdv2007.0.x86_64.rpm 0f2f7928b2edfbe0ae5faf127b0ed066 2007.0/x86_64/nsinstall-1.5.0.8-1.1mdv2007.0.x86_64.rpm e408368ca02e7efbbece9adbaaea7d56 2007.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.src.rpm 7867a124b85e4a8098ec7b814267c1f5 2007.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1mdv2007.0.src.rpm e776e0c4c5a6ff592af0c346bf8b4511 2007.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1mdv2007.0.src.rpm
Corporate 3.0: 71192ef0a8bd28533718191d287d8158 corporate/3.0/i586/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.i586.rpm c0121a4a0192d7944b1f8d30c977ab38 corporate/3.0/i586/mozilla-thunderbird-bg-1.5.0.8-1.1.C30mdk.i586.rpm 53c403f48cb8547f0eb646ab1b41b656 corporate/3.0/i586/mozilla-thunderbird-ca-1.5.0.8-1.1.C30mdk.i586.rpm 032ebcc12942292620b05929e0583f3a corporate/3.0/i586/mozilla-thunderbird-cs-1.5.0.8-1.1.C30mdk.i586.rpm c88d6e26aa75dab433abcf71f2962e5c corporate/3.0/i586/mozilla-thunderbird-da-1.5.0.8-1.1.C30mdk.i586.rpm dcc54cb45829470f4267806696b46eca corporate/3.0/i586/mozilla-thunderbird-de-1.5.0.8-1.1.C30mdk.i586.rpm e7ba899422d7cbfd343659b810e4ee52 corporate/3.0/i586/mozilla-thunderbird-devel-1.5.0.8-1.1.C30mdk.i586.rpm d987b44bd201c2a23b404751e13df538 corporate/3.0/i586/mozilla-thunderbird-el-1.5.0.8-1.1.C30mdk.i586.rpm 9d496fa524a5226676f56ed87d2015ec corporate/3.0/i586/mozilla-thunderbird-enigmail-1.5.0.8-1.1.C30mdk.i586.rpm eac64993c47963ede70eca5fb62e30b9 corporate/3.0/i586/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1.C30mdk.i586.rpm b5523fcbf2370d1805e1f917faaa31c8 corporate/3.0/i586/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1.C30mdk.i586.rpm 1eb806fe5a429b52f010e16aeed4cb4a corporate/3.0/i586/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1.C30mdk.i586.rpm 1a8da00f3e4033ec813df4548072ac9f corporate/3.0/i586/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1.C30mdk.i586.rpm 3a2434c868a3b5799cb69c31d43f900c corporate/3.0/i586/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1.C30mdk.i586.rpm a1bb48121d53f83bf0efd303ea477b71 corporate/3.0/i586/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1.C30mdk.i586.rpm 6f9d308c194ae42cfa0787afdebff2cc corporate/3.0/i586/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1.C30mdk.i586.rpm bb3c3cf4056814131f8031471c81ac6f corporate/3.0/i586/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1.C30mdk.i586.rpm 4228aaf098c501a80af97469393482b5 corporate/3.0/i586/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1.C30mdk.i586.rpm 3a95ad54416e2f002d1aaa32557cf947 corporate/3.0/i586/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1.C30mdk.i586.rpm 19e1eac0351d89760ee31b4c9ee4fcc4 corporate/3.0/i586/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1.C30mdk.i586.rpm 1c21de0415bd0223237aa82795cc9600 corporate/3.0/i586/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1.C30mdk.i586.rpm a11487e4145c294a57a77491f6996748 corporate/3.0/i586/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1.C30mdk.i586.rpm 31064002ac59d4857c3c45c3161580dc corporate/3.0/i586/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1.C30mdk.i586.rpm fc88eeba422b084ffa67b77211248ef0 corporate/3.0/i586/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1.C30mdk.i586.rpm 4ead83e3405e7469370b4f02a9254ddc corporate/3.0/i586/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1.C30mdk.i586.rpm 3a15b707a6d7f8e9b25c1ccaea023333 corporate/3.0/i586/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1.C30mdk.i586.rpm 1a8c565fd3b42069b2e42103d98dfab2 corporate/3.0/i586/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1.C30mdk.i586.rpm 0040d479d7e55304c06df39b2233d12e corporate/3.0/i586/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1.C30mdk.i586.rpm 6fab1321b377748e22a6709b772d5159 corporate/3.0/i586/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1.C30mdk.i586.rpm 1969ec5d6cc27df2f09f9733b5b37c6d corporate/3.0/i586/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1.C30mdk.i586.rpm 0c34a8e8bd3f9011283fe990771a857a corporate/3.0/i586/mozilla-thunderbird-es-1.5.0.8-1.1.C30mdk.i586.rpm 68781ca20e2232457046bdab86b59462 corporate/3.0/i586/mozilla-thunderbird-es_AR-1.5.0.8-1.1.C30mdk.i586.rpm 37c3909b8feb9a35208519ccf4ec8a46 corporate/3.0/i586/mozilla-thunderbird-eu-1.5.0.8-1.1.C30mdk.i586.rpm ea2febd0e93d9348fd580452f7adc0be corporate/3.0/i586/mozilla-thunderbird-fi-1.5.0.8-1.1.C30mdk.i586.rpm 2eac2aaeb4fe209f98aa85505f6a9b87 corporate/3.0/i586/mozilla-thunderbird-fr-1.5.0.8-1.1.C30mdk.i586.rpm d8d8fc30075f0848859cbe96b26404a7 corporate/3.0/i586/mozilla-thunderbird-ga-1.5.0.8-1.1.C30mdk.i586.rpm 3af19a8b01fb316451132e6460c7deb0 corporate/3.0/i586/mozilla-thunderbird-gu_IN-1.5.0.8-1.1.C30mdk.i586.rpm f7aed893e50dff94f47d658d70093824 corporate/3.0/i586/mozilla-thunderbird-he-1.5.0.8-1.1.C30mdk.i586.rpm ab6ead860edf6de4935aa3bb4ecf4721 corporate/3.0/i586/mozilla-thunderbird-hu-1.5.0.8-1.1.C30mdk.i586.rpm a9b0bc2b2bcf186b5a284cba3d6cad19 corporate/3.0/i586/mozilla-thunderbird-it-1.5.0.8-1.1.C30mdk.i586.rpm 373554b2032c20a61c48f4a4e11e5b57 corporate/3.0/i586/mozilla-thunderbird-ja-1.5.0.8-1.1.C30mdk.i586.rpm 1a2efc51627d9f55929e1b33e20f5274 corporate/3.0/i586/mozilla-thunderbird-ko-1.5.0.8-1.1.C30mdk.i586.rpm 27ab1d70b317c477b56df8223a8477b4 corporate/3.0/i586/mozilla-thunderbird-lt-1.5.0.8-1.1.C30mdk.i586.rpm 0bcd50b34bec84016747f4919b43b8e1 corporate/3.0/i586/mozilla-thunderbird-mk-1.5.0.8-1.1.C30mdk.i586.rpm 4b26e1653ccf78604c16b25ed7357dfb corporate/3.0/i586/mozilla-thunderbird-nb-1.5.0.8-1.1.C30mdk.i586.rpm ea1a0d0349f9a2f26b23c7678d7e5736 corporate/3.0/i586/mozilla-thunderbird-nl-1.5.0.8-1.1.C30mdk.i586.rpm 7d7c13e7a820c069b3c657adf57443d9 corporate/3.0/i586/mozilla-thunderbird-pa_IN-1.5.0.8-1.1.C30mdk.i586.rpm ef0755e523de702c802890f494ee5ea0 corporate/3.0/i586/mozilla-thunderbird-pl-1.5.0.8-1.1.C30mdk.i586.rpm f7618d53bff6c0764297f2352c5d0239 corporate/3.0/i586/mozilla-thunderbird-pt_BR-1.5.0.8-1.1.C30mdk.i586.rpm 8df8db645153b5f7539044d5f892ad54 corporate/3.0/i586/mozilla-thunderbird-ru-1.5.0.8-1.1.C30mdk.i586.rpm d26cb2fbb5301bcf127ea4e4606f52b9 corporate/3.0/i586/mozilla-thunderbird-sk-1.5.0.8-1.1.C30mdk.i586.rpm f57d3dd11471a798542b87f0a3c68e82 corporate/3.0/i586/mozilla-thunderbird-sl-1.5.0.8-1.1.C30mdk.i586.rpm f3aede5440aeb78b59350fe56bb221d2 corporate/3.0/i586/mozilla-thunderbird-sv-1.5.0.8-1.1.C30mdk.i586.rpm bda7588d80565c17190fb407bdc3b1b2 corporate/3.0/i586/mozilla-thunderbird-tr-1.5.0.8-1.1.C30mdk.i586.rpm 5f0764d5685d0836bd718fdc86b8a73a corporate/3.0/i586/mozilla-thunderbird-zh_CN-1.5.0.8-1.1.C30mdk.i586.rpm 2a1892c7e027dba761df43c98bb5e85f corporate/3.0/i586/nsinstall-1.5.0.8-1.1.C30mdk.i586.rpm 04cdbf8cd4c1b9baf1b1c34e0c7bfcb9 corporate/3.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.src.rpm 98c5a4c000178cf57677fa6ee70adb71 corporate/3.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1.C30mdk.src.rpm 124ecce0dd9a26b565eef6c2f7e14401 corporate/3.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1.C30mdk.src.rpm
Corporate 3.0/X86_64: c109965ada094232d0958a8121be977a corporate/3.0/x86_64/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.x86_64.rpm e50d4054e85e4624b285067c75cfab18 corporate/3.0/x86_64/mozilla-thunderbird-bg-1.5.0.8-1.1.C30mdk.x86_64.rpm f8cc5e4a36961ef4db2b8632fc6734d9 corporate/3.0/x86_64/mozilla-thunderbird-ca-1.5.0.8-1.1.C30mdk.x86_64.rpm 70e0a1878ce810ee835e7eca08a11e12 corporate/3.0/x86_64/mozilla-thunderbird-cs-1.5.0.8-1.1.C30mdk.x86_64.rpm 50abb11664ca02e6d77cbf30396e5398 corporate/3.0/x86_64/mozilla-thunderbird-da-1.5.0.8-1.1.C30mdk.x86_64.rpm 5565876286c51872fb0ff90df059f052 corporate/3.0/x86_64/mozilla-thunderbird-de-1.5.0.8-1.1.C30mdk.x86_64.rpm cdd3892a5ba2a7c1ffe29d009e9d23a9 corporate/3.0/x86_64/mozilla-thunderbird-devel-1.5.0.8-1.1.C30mdk.x86_64.rpm ba3e7a92e79e00cd74b722ab94d832eb corporate/3.0/x86_64/mozilla-thunderbird-el-1.5.0.8-1.1.C30mdk.x86_64.rpm c11927081645df376c72f27e8ebc6a85 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-1.5.0.8-1.1.C30mdk.x86_64.rpm 448172b7c753b48c81b2a2c5d337b9e5 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1.C30mdk.x86_64.rpm b83c0eb2158672f087fd5754ca27efad corporate/3.0/x86_64/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1.C30mdk.x86_64.rpm 49b91f3eae7a0773ecce62f635a6dfe9 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1.C30mdk.x86_64.rpm 3a0cf5325721e29c4eba9ee7cbc7efb7 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1.C30mdk.x86_64.rpm cadf1aff1e915adb9e14539eb04521db corporate/3.0/x86_64/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1.C30mdk.x86_64.rpm 8218118b837bf05b3603652f0d4c5690 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1.C30mdk.x86_64.rpm 7c7190fc9ec1fc5774436ec7b0c92fd5 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1.C30mdk.x86_64.rpm a42f63c64470ba933d6239bdf8b1569c corporate/3.0/x86_64/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1.C30mdk.x86_64.rpm af8c5d7e3569278f3e9d364362be25b3 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1.C30mdk.x86_64.rpm c749a5b7ac03ad98919f83425fcbd4c2 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1.C30mdk.x86_64.rpm ac82cd1f4fc0c5ed57be5b165cc65be4 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1.C30mdk.x86_64.rpm 0fbd67977bdfc1b1f9aa3c846c80c244 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1.C30mdk.x86_64.rpm 4d26f0c7b32d3888e1e5c4c14516a4df corporate/3.0/x86_64/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1.C30mdk.x86_64.rpm 37fbc8358f1f11d5cb9f0e9b2fab3b26 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1.C30mdk.x86_64.rpm 6bec775a601e84be547246ae5638d059 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1.C30mdk.x86_64.rpm 0dc1c40ef6d1a233661048447db25543 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1.C30mdk.x86_64.rpm 7ec948cc8df84aae6b3d660bd4187208 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1.C30mdk.x86_64.rpm 4b7ba48ffeff51709b26c8f315a4aaa1 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1.C30mdk.x86_64.rpm 94fceae9b7bc6d48fe2677eecaaf11a6 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1.C30mdk.x86_64.rpm d578499c38c981f2b8cc55fc1351efef corporate/3.0/x86_64/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1.C30mdk.x86_64.rpm 095291274be4a418d05c4e96cb441d90 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1.C30mdk.x86_64.rpm 272b554e86966e103d3e7f42b5cba9db corporate/3.0/x86_64/mozilla-thunderbird-es-1.5.0.8-1.1.C30mdk.x86_64.rpm 52bd52c4d5eaad6fa541dd20db5411d0 corporate/3.0/x86_64/mozilla-thunderbird-es_AR-1.5.0.8-1.1.C30mdk.x86_64.rpm 2536b28aa209a912ff74601db4e685b4 corporate/3.0/x86_64/mozilla-thunderbird-eu-1.5.0.8-1.1.C30mdk.x86_64.rpm 484ad35799b9a8cd277754bf1b13d686 corporate/3.0/x86_64/mozilla-thunderbird-fi-1.5.0.8-1.1.C30mdk.x86_64.rpm 42ff5a3a8320c4be3ffb1f1d74912f78 corporate/3.0/x86_64/mozilla-thunderbird-fr-1.5.0.8-1.1.C30mdk.x86_64.rpm 8a46a1d9f9380c205699ce090d749ff2 corporate/3.0/x86_64/mozilla-thunderbird-ga-1.5.0.8-1.1.C30mdk.x86_64.rpm 3c30c5aeee783bfabe34fb1ff7357d38 corporate/3.0/x86_64/mozilla-thunderbird-gu_IN-1.5.0.8-1.1.C30mdk.x86_64.rpm a90b14f77d6eed2228bfa55457803f6f corporate/3.0/x86_64/mozilla-thunderbird-he-1.5.0.8-1.1.C30mdk.x86_64.rpm 719239492f7d93b04f2c95902fccf94c corporate/3.0/x86_64/mozilla-thunderbird-hu-1.5.0.8-1.1.C30mdk.x86_64.rpm f52bcdf19f10745e756f0d58616126df corporate/3.0/x86_64/mozilla-thunderbird-it-1.5.0.8-1.1.C30mdk.x86_64.rpm 79826e403152cbe90ddf3bd4d8d64abe corporate/3.0/x86_64/mozilla-thunderbird-ja-1.5.0.8-1.1.C30mdk.x86_64.rpm 18c08993c8f43c976be6cf2e8cfb2c35 corporate/3.0/x86_64/mozilla-thunderbird-ko-1.5.0.8-1.1.C30mdk.x86_64.rpm b17866029fe4244a77af59fbb55a07b9 corporate/3.0/x86_64/mozilla-thunderbird-lt-1.5.0.8-1.1.C30mdk.x86_64.rpm 878f59fdb3ebb5929fc23437a17fb5ad corporate/3.0/x86_64/mozilla-thunderbird-mk-1.5.0.8-1.1.C30mdk.x86_64.rpm d62fb25dc173e8b12be8623ae8fbf9bf corporate/3.0/x86_64/mozilla-thunderbird-nb-1.5.0.8-1.1.C30mdk.x86_64.rpm 266322718c7cedd78e89524940f15d55 corporate/3.0/x86_64/mozilla-thunderbird-nl-1.5.0.8-1.1.C30mdk.x86_64.rpm 32c5fcab859aff66aaf704b997a1c625 corporate/3.0/x86_64/mozilla-thunderbird-pa_IN-1.5.0.8-1.1.C30mdk.x86_64.rpm 17d7eeb0fbd25df1f76d5fa875ef7a3d corporate/3.0/x86_64/mozilla-thunderbird-pl-1.5.0.8-1.1.C30mdk.x86_64.rpm 4aabd47a35cb15547ccbe4eda1b521e8 corporate/3.0/x86_64/mozilla-thunderbird-pt_BR-1.5.0.8-1.1.C30mdk.x86_64.rpm 1d8d27be2902605b0eae9dcbd89654cc corporate/3.0/x86_64/mozilla-thunderbird-ru-1.5.0.8-1.1.C30mdk.x86_64.rpm 6c116048a69b3c176831fde5ff0a252a corporate/3.0/x86_64/mozilla-thunderbird-sk-1.5.0.8-1.1.C30mdk.x86_64.rpm e5bcb8518c5a61e63e62f90c363c67ae corporate/3.0/x86_64/mozilla-thunderbird-sl-1.5.0.8-1.1.C30mdk.x86_64.rpm 5569afdd940d28bdf37a1003d5d5d6b0 corporate/3.0/x86_64/mozilla-thunderbird-sv-1.5.0.8-1.1.C30mdk.x86_64.rpm d00245da432be7a7d268846891555930 corporate/3.0/x86_64/mozilla-thunderbird-tr-1.5.0.8-1.1.C30mdk.x86_64.rpm ee130a70f9b1fe5719fea63963f3db6d corporate/3.0/x86_64/mozilla-thunderbird-zh_CN-1.5.0.8-1.1.C30mdk.x86_64.rpm 81f41bebeb9eca34d7c27ab81ca41af6 corporate/3.0/x86_64/nsinstall-1.5.0.8-1.1.C30mdk.x86_64.rpm 04cdbf8cd4c1b9baf1b1c34e0c7bfcb9 corporate/3.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.src.rpm 98c5a4c000178cf57677fa6ee70adb71 corporate/3.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1.C30mdk.src.rpm 124ecce0dd9a26b565eef6c2f7e14401 corporate/3.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFU42GmqjQ0CJFipgRAiJgAKDQ8K7lgpOsNzXOQcSOrfcVrHQ4sACeLaqm 75x+jP9FNzlE7ieAV3r7Czs= =DdKu -----END PGP SIGNATURE-----
. =========================================================== Ubuntu Security Notice USN-381-1 November 16, 2006 firefox vulnerabilities CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.10: firefox 1.5.dfsg+1.5.0.8-0ubuntu0.5.10 firefox-dev 1.5.dfsg+1.5.0.8-0ubuntu0.5.10
Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 firefox-dev 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 libnspr-dev 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 libnspr4 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 libnss-dev 1.5.dfsg+1.5.0.8-0ubuntu0.6.06 libnss3 1.5.dfsg+1.5.0.8-0ubuntu0.6.06
After a standard system upgrade you need to restart Firefox to effect the necessary changes.
Details follow:
USN-351-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. (CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748)
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.diff.gz
Size/MD5: 177335 10b377fae580ae8f70363ffd70e47269
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.dsc
Size/MD5: 1056 5db441b8802f27c49571095404b73bb7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz
Size/MD5: 44080423 9716c747d634997ec34dbf5f2e9ed80f
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb
Size/MD5: 49586 9c0480fccb28d05f504b4b07811bccc1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb
Size/MD5: 50476 ad8be2b891ceb1884c64b04057201418
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 82786 7c57efcd467f65b5fddb99045f368cde
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 10228966 98741e95215a819e389680e91f18e72e
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 3152342 e0ab77c6e143bb59b43fd92d34b68900
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb
Size/MD5: 216484 8c13b0af86b6f83f5ee92e6367a887d7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 210022 38257be6e6a43928bb10802118a264af
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 75156 0d8a65e5fa64cb0e4230e85e975a05d7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 3152316 f4b306a5bf76d7788c581ae969a754d0
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb
Size/MD5: 8651302 6f375546f6d948932f4a1652b3569e70
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 3152444 7293cd7542ea90e41823b76b822a6e8b
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 213430 b274f35517ffb38ce880679d79764a52
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 78406 41578a0497fce59bee796ff4fcdaab3c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb
Size/MD5: 9831168 0aabf7e840fef774adc05edef039caad
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 76784 d69cac5024601a5ea20074e9964e288e
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 9166628 27f5d52e3c828c8b1604b0982dda7cc3
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 210978 4a5ffba99714c584ca8e349b988c4400
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb
Size/MD5: 3152400 65ee6a126404960525e73d7c32d587d7
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.diff.gz
Size/MD5: 175871 52f1c28309ee6c7ef8c2f1d43d963cf8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.dsc
Size/MD5: 1113 cd1281da2de45441a5a3e6034a38ab13
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz
Size/MD5: 44080423 9716c747d634997ec34dbf5f2e9ed80f
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb
Size/MD5: 49602 ab797aec8733b6c3e2280cdb09b64d1a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb
Size/MD5: 50490 1b3e5005f5e3fa797b3682b200cc50d4
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 47328882 934c4351e36288e88e1168c041542f5a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 2798910 7ee44fb3180623ce8a3a1f9efeb0d419
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 216552 92a1743a061e332e080a626dbd399570
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 82776 7d4b77da6a355c5e9f0113aaba778b03
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 9420500 dc95e234fc1c321b64073816aa347550
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 219228 e12302edf6ea04accaf83a8879dff274
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 162300 35187fec0d3be43ef0aa9bd83dfabd6b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 236150 c98d56050fe2e27e3915acf2662aa8d4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb
Size/MD5: 757954 8ee38f642969b44e7d342d89e0c91dfd
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 43902878 41afd17ae29b433ff26e51ef80e04599
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 2798856 219ca82f455cad14a0021c0f66d6e8c0
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 209962 02b36bc31e994256b74dd3d84dba7254
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 75136 388a11c39a72e0a9a1969a5a1c0a48f8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 7932082 d6b266569d4bf056aa04a760459b8fc8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 219220 38b33e647137f579876b9047657fe390
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 146980 57afd15fd3b17f8d5bf53b72592889e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 236146 3936122367330caea7cf573973bdb0a2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb
Size/MD5: 670102 67a930f2102173f1c84dd0ddf751b388
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 48721788 ad5ed6cebb6c5c97521e8416cbb6ba06
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 2798932 aa5d623d34acb2bea9e7a1dc21e891dc
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 213390 0323fadebfa079e9724e1cf3e930b977
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 78300 fda19c102717648e93f332314c0d8020
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 9031548 360d013efe74f061ba266d4ae7ff9177
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 219224 7385d32cb21f0b83933822c4495a6783
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 159522 ee71fefedbaade594b3b0064524db684
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 236156 8ea5d14656d349724f5b254e035dfc2f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb
Size/MD5: 768836 19b4c155f8c00ccff6656590d4ffc3be
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 45291164 417432698e5e51ae96d59ac90cc8390a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 2798918 6d3cfdc63c80688263b567e06e876d74
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 210898 d8884f2ae360e55fdcad1b1ef8b3e338
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 76754 68db0c6ff37422083ed5f0a46103a723
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 8425346 ea28be8619f1411eaff2f7fba07a47f5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 219232 a81a2dedef311f71a8c3ae1b96d7b9d1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 149470 08152c38d3129bc6bf3164d6f48727cc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 236140 3b742ce49bbb397b1de45a8371672828
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb
Size/MD5: 682188 d4155e8163fed88108c17a31d0320e69
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 1225-1 security@debian.org http://www.debian.org/security/ Martin Schulze December 3rd, 2006 http://www.debian.org/security/faq
Package : mozilla-firefox Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2006-4310 CVE-2006-5462 CVE-2006-5463 CVE-2006-5464 CVE-2006-5748 CERT advisories: VU#335392 VU#390480 VU#495288 VU#714496 BugTraq IDs : 19678 20957
Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:
CVE-2006-4310
Tomas Kempinsky discovered that malformed FTP server responses
could lead to denial of service.
CVE-2006-5462
Ulrich K\xfchn discovered that the correction for a cryptographic
flaw in the handling of PKCS-1 certificates was incomplete, which
allows the forgery of certificates.
CVE-2006-5463
"shutdown" discovered that modification of JavaScript objects
during execution could lead to the execution of arbitrary
JavaScript bytecode.
CVE-2006-5464
Jesse Ruderman and Martijn Wargers discovered several crashes in
the layout engine, which might also allow execution of arbitrary
code.
CVE-2006-5748
Igor Bukanov and Jesse Ruderman discovered several crashes in the
JavaScript engine, which might allow execution of arbitrary code.
This update also adresses several crashes, which could be triggered by malicious websites and fixes a regression introduced in the previous Mozilla update.
For the stable distribution (sarge) these problems have been fixed in version 1.0.4-2sarge13.
For the unstable distribution (sid) these problems have been fixed in the current iceweasel package 2.0+dfsg-1.
We recommend that you upgrade your mozilla-firefox package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13.dsc
Size/MD5 checksum: 1003 4a8d05c1e9563e6066ca838e7c0b2f53
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13.diff.gz
Size/MD5 checksum: 450265 46d4bedf12a1e0c92a275ae012d92b5a
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz
Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d
Alpha architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_alpha.deb
Size/MD5 checksum: 11182242 388bf02a94456182cd7a39187886875a
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_alpha.deb
Size/MD5 checksum: 170908 4cbff185bb88b1c7e11791059cd83142
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_alpha.deb
Size/MD5 checksum: 62736 f42571aa18001fc521be0f5348eb9511
AMD64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_amd64.deb
Size/MD5 checksum: 9412474 fcd7ced169a47d7413197a918047036a
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_amd64.deb
Size/MD5 checksum: 165706 931ebeee155ac01fcecb1467388a2fab
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_amd64.deb
Size/MD5 checksum: 61276 cf839454fe9e09a0b58641353f9c75c6
ARM architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_arm.deb
Size/MD5 checksum: 8233670 39a042f6300c805ad372828fd115cab0
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_arm.deb
Size/MD5 checksum: 157176 873eb90c91c98e1c4168f215b493fd74
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_arm.deb
Size/MD5 checksum: 56586 c53ca4b95b188684381338eae43603cc
HP Precision architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_hppa.deb
Size/MD5 checksum: 10287242 8a7eddef738dfe4eb164bd5e486474a2
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_hppa.deb
Size/MD5 checksum: 168624 fa195e512062a19cf92018de4009160d
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_hppa.deb
Size/MD5 checksum: 61736 b0dbfbbce97f954c9487a126d20b9a90
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_i386.deb
Size/MD5 checksum: 8908194 9cfe0ac430050c7d62066cd3f8beb64f
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_i386.deb
Size/MD5 checksum: 160902 77a78dd1eac37417b4a5629e745e4391
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_i386.deb
Size/MD5 checksum: 58124 f82b3d3fc66e1054d5da72a69ab9bd20
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_ia64.deb
Size/MD5 checksum: 11646376 83d5349be8156e1f95eb75da89beb578
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_ia64.deb
Size/MD5 checksum: 171244 46ae3d6d9112d31f92407922832e6599
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_ia64.deb
Size/MD5 checksum: 65934 690969e2e7a865faee22ed6fb8a88384
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_m68k.deb
Size/MD5 checksum: 8186050 ab9f31d6cbd9ff6c1820c59ef1e44ce7
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_m68k.deb
Size/MD5 checksum: 159792 69c3cf68fc12fd5fb3929339aa8cd9cb
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_m68k.deb
Size/MD5 checksum: 57394 14636fe25df3a18c536819129e83e1a0
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_mips.deb
Size/MD5 checksum: 9943474 75b7796d42079421a151bfac35a17f95
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_mips.deb
Size/MD5 checksum: 158694 a3c6f1c71947cb5e9c2fc8d8acece832
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_mips.deb
Size/MD5 checksum: 58386 395683ab3ebb0983e24bc3afde8d28f5
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mipsel.deb
Size/MD5 checksum: 9819470 41ecbd5f3543c0b110771e93e2307abc
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mipsel.deb
Size/MD5 checksum: 157672 43ca2a353bacf378a2dc7dfa9a7f3a73
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mipsel.deb
Size/MD5 checksum: 57634 8d16796108c3a7627ab9654e977277a5
PowerPC architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_powerpc.deb
Size/MD5 checksum: 8580222 c2f239d0961911962bea6b7f7bf1cdc1
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_powerpc.deb
Size/MD5 checksum: 159320 5a5ea9d8a9f7a845bc1898b0c9976112
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_powerpc.deb
Size/MD5 checksum: 60508 3ce3df0f45aeef3acb1964960bf76406
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_s390.deb
Size/MD5 checksum: 9650866 9fd3e3788898152580a0ab344112b5ab
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_s390.deb
Size/MD5 checksum: 166290 70bcea0f67fc9d0288c75bb2ad8e7b36
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_s390.deb
Size/MD5 checksum: 60696 7d6b7a3cf65fa798f3e41275f4bb9967
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_sparc.deb
Size/MD5 checksum: 8672090 c32301aeb3eb3ebbad2ff26f56d3e9ee
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_sparc.deb
Size/MD5 checksum: 159508 7c3fd5b5a0c78c8abf09082dcb06bbfc
http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_sparc.deb
Size/MD5 checksum: 56946 0b154ceb732d771ca492e4d98ea21350
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFcvzPW5ql+IAeqTIRAv/HAJwNUC+NOPCf2Nq1161rGipNubPqDQCfWnmg FvfjUK0FBtQjuT9x9Fg3gu8= =1YQv -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0176",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": "jre 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 011",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 010",
"scope": "eq",
"trust": 1.5,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.0.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.3,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "sdk 010",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 013",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 014",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 1.2,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.4"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.3"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.4"
},
{
"model": "network security services",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.2"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.2"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.1"
},
{
"model": "firefox",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5.0.6"
},
{
"model": "seamonkey",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.0.1"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 1.0,
"vendor": "mozilla",
"version": "1.5"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 15",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jre 1.4.2 12",
"scope": null,
"trust": 0.9,
"vendor": "sun",
"version": null
},
{
"model": "sdk 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk b 005",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jre 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "sdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk .0 4",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 06",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "jre .0 02",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 008",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 08",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jre 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jre .0 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 03",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 015",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 012",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "sdk 014",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.9,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": "firefox",
"scope": "lte",
"trust": 0.8,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "seamonkey",
"scope": "lte",
"trust": 0.8,
"vendor": "mozilla",
"version": "1.0.5"
},
{
"model": "thunderbird",
"scope": "lte",
"trust": 0.8,
"vendor": "mozilla",
"version": "1.5.0.7"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 10 x86 for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 8 x86 for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 sparc for )"
},
{
"model": "mozilla",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "1.7 (solaris 9 x86 for )"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "sdk 13",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre .0 04",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 006",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "jdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk .0 03",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.6,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jdk 06",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.5"
},
{
"model": "jre b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "sdk 05",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jdk 002",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 008",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "sdk 12",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "jdk 004",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "sdk 013",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jdk b 007",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre 012",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "jre 005",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.6,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.5"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.9"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "communications security ssh tectia k",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.10"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "ons",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "154548.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "securecrt",
"scope": "eq",
"trust": 0.3,
"vendor": "vandyke",
"version": "5.2.2"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ffi global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "java web proxy server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.6"
},
{
"model": "2-stable-20061018",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "jre b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "4,0 beta",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "jre .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "-stablepre122300",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser 1win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "jdk 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "6.2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.51"
},
{
"model": "jre 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "sdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "thunderbird",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.5"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "jdk 1.5.0.0 06",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "java system web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "sdk 04",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.6"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.1"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.6"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.2"
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.54"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "one web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.51"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.1"
},
{
"model": "java system web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "www-client/opera",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "9.0.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.10"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.4"
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "sdk 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.02"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1.1"
},
{
"model": "jre 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.1"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "jre 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "reflection ftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "12.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ffi global fix",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "communications security ssh tectia",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.1"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.1"
},
{
"model": "jsse 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.1"
},
{
"model": "java system web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "java web proxy server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "jre 009",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.52"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "jre b 005",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "jsse 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jre 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "international cryptographic infrastructure",
"scope": "ne",
"trust": 0.3,
"vendor": "novell",
"version": "2.7.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "risk analytics platform",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.54"
},
{
"model": "software opera web browser beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "83"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.53"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.21"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.3"
},
{
"model": "openoffice",
"scope": "ne",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "java system application server 2004q2 r1standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "secure acs solution engine",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "data direct odbc/ole-db drivers for ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "communications security tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "global fix lite",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.01"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.1"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.22"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.4"
},
{
"model": "virtualvault a.04.50",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "jdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "integrated management",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "jre 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2.1"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.1"
},
{
"model": "jdk 1.5.0.0 04",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "java system web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.5"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "one application server platform edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "x0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.2"
},
{
"model": "software opera web browser j",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.1"
},
{
"model": "one web server sp9",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia connector",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.3"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.4"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.42"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "8.1.7"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.50"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.1"
},
{
"model": "workspace",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.06"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "ecda",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "jre 07",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "sdk 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "java web proxy server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "3.1"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "software opera web browser beta build",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.2012981"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.8"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.2"
},
{
"model": "project openssl l",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.53"
},
{
"model": "reflection sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.1"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "current pre20010701",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "jdk b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "corp banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "java system application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "tomboy",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.5.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.9"
},
{
"model": "one web server sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.10"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.5"
},
{
"model": "java system application server 2004q2 r1enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "jdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.1"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "9.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "14.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.4"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser .6win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "sdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "data integration suite di",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "1.0"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0"
},
{
"model": "rtds",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "3.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "java web proxy server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "java system application server platform edition q1 ur1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "data auditing",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.5.2"
},
{
"model": "communications security ssh tectia j",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.1"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.4"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0.2"
},
{
"model": "stable",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "java system web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "sdk 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "4.10-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "java enterprise system 2005q1",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "sdk 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4.2"
},
{
"model": "reflection sftp client",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "java system application server platform edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "iq extended enterpirse edition",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jdk 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.12"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.11"
},
{
"model": "java system application server standard 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "sdk 07a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "interactive response",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.1"
},
{
"model": "software opera web browser mac",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "6.1"
},
{
"model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.1"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.3"
},
{
"model": "international cryptographic infostructure",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "2.6.1"
},
{
"model": "communications security ssh tectia k",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.8"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "software opera web browser b",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "project openssl k",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "java system application server standard 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "9.01"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "java system application server 2004q2 r2 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java system web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "current august",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "232006"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 05a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "sdk 007",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.05"
},
{
"model": "one web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.2"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "6.0"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.3"
},
{
"model": "jdk 15",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.11"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "2.0"
},
{
"model": "cvlan",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "jre 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "java system application server 2004q2 r3 enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "java enterprise system 2003q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "java system application server 2004q2 r3 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "jre beta",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.5.0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.10"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "java system application server 2004q2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20090"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "3.1 rc3",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.5"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "11.5"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.03"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.02"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "java system application server enterprise 2004q2 r5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "unwired accelerator and enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "8.0"
},
{
"model": "one web server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "jre 14",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "jre 13",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.5"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "jdk 12",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "mach desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "jdk 11",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "advanced linux environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "secure global desktop",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": "4.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.0.2"
},
{
"model": "communications security ssh tectia manager",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "2.1.4"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.04"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "one web server sp10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "7.0"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "java system application server standard platform q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.52"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "webproxy a.02.10",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.4.2"
},
{
"model": "java system application server enterprise 2004q2 r4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0.0"
},
{
"model": "java system web server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java system web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "one web server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "project openssl c",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2"
},
{
"model": "jdk 099",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "jre 006",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "powerbuilder",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "10.2.0"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.13"
},
{
"model": "webproxy a.02.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.1"
},
{
"model": "virtualvault a.04.70",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"model": "sdk 02",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "e-biz impact",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4.5"
},
{
"model": "java system application server enterprise edition q1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "8.12005"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "jdk 1.5.0.0 03",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3-1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "jdk 10",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "ffi uofx",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.50"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "jre",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.1.1"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "java web proxy server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "13.0.5"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "seamonkey",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.0.6"
},
{
"model": "ase",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5.2"
},
{
"model": "unwired orchestrator",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.0"
},
{
"model": "systems weblogic express for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.4"
},
{
"model": "jsse 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.2.0"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "e1.0-solid",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.1"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "netscape",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "7.2"
},
{
"model": "-release/alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "ffi bptw",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "java web proxy server sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "java system application server 2004q2 r2 standard",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "communications security ssh tectia j",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3.2"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "virtualvault a.04.60",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "afaria",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.3"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "reflection",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "10.0"
},
{
"model": "java enterprise system 2005q4",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "hat fedora core5",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.02"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "one web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk 01a",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0.x"
},
{
"model": "communications security ssh tectia manager",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "network security services",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11.3"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "jre 004",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.2"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.23"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "rfid enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.1"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "systems weblogic server for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.07"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.12"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "eq",
"trust": 0.3,
"vendor": "the",
"version": "1.37"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "-stablepre2002-03-07",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.0"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2"
},
{
"model": "communications security ssh tectia connector",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1"
},
{
"model": "thunderbird",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.0.8"
},
{
"model": "ffi cons banking",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "0"
},
{
"model": "alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "java enterprise system 2004q2",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "securefx",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "4.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "java system web server sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.01"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "software opera web browser 3win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.06"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "jre 09",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "2.0.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "software opera web browser 2win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "8.01"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "-stablepre050201",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.2"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "appeon",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.8"
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "bpi for healthcare",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.2.1"
},
{
"model": "java web proxy server sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "sdk .0 05",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "jre 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40003.1.59.24"
},
{
"model": "sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.20"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "communications security ssh tectia server",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.1.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "series airespace wireless lan controller",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20003.1.59.24"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "7.0.0.14"
},
{
"model": "sdk .0 01",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.4"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "software opera web browser",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.12"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.15"
},
{
"model": "systems weblogic server for win32",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.0"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.6.4"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "1.0.2.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "systems weblogic express for win32 sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.14"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.3.1"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.3"
},
{
"model": "jre .0 03",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.3"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.5"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "mfolio",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "2.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "communications security ssh tectia server for ibm z/os",
"scope": "ne",
"trust": 0.3,
"vendor": "ssh",
"version": "5.2.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.11"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "jdk 003",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "communications security ssh tectia",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "1.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs for unix",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3.6.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "software opera web browser win32 beta",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "7.02"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "secure acs solution engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "systems weblogic express",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "openoffice",
"scope": "eq",
"trust": 0.3,
"vendor": "openoffice",
"version": "2.1"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.6"
},
{
"model": "firefox",
"scope": "ne",
"trust": 0.3,
"vendor": "mozilla",
"version": "1.5.8"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "network security services",
"scope": "eq",
"trust": 0.3,
"vendor": "mozilla",
"version": "3.11"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "jsse",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0.3"
},
{
"model": "current pre20010805",
"scope": null,
"trust": 0.3,
"vendor": "netbsd",
"version": null
},
{
"model": "software opera web browser win32",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "java web proxy server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "5.0"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "eii avaki sdf",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "legion of the bouncy castle java cryptography api",
"scope": "ne",
"trust": 0.3,
"vendor": "the",
"version": "1.38"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.2"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "software opera web browser linux",
"scope": "eq",
"trust": 0.3,
"vendor": "opera",
"version": "6.0.2"
},
{
"model": "systems weblogic server",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "9.1"
},
{
"model": "java system web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "java web proxy server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.6"
},
{
"model": "solaris update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "95"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "solonde etl",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "4.0"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "iq",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "12.5"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "vshell",
"scope": "eq",
"trust": 0.3,
"vendor": "van dyke",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "project openssl m",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.13"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "easerver",
"scope": "eq",
"trust": 0.3,
"vendor": "sybase",
"version": "5.1"
},
{
"model": "java system web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "communications security ssh tectia server",
"scope": "eq",
"trust": 0.3,
"vendor": "ssh",
"version": "4.4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mozilla:firefox",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:seamonkey",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:mozilla:thunderbird",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:mozilla",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Daniel Bleichenbacher reported this issue to the vendor.",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"cve": "CVE-2006-5462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2006-5462",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-5462",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#335392",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#191336",
"trust": 0.8,
"value": "0.34"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "NVD",
"id": "CVE-2006-5462",
"trust": 0.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340. This vulnerability may allow an attacker to forge RSA signatures. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n This update provides the latest Thunderbird to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748\n http://www.mozilla.org/security/announce/2006/mfsa2006-65.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-66.html\n http://www.mozilla.org/security/announce/2006/mfsa2006-67.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 488e65dfe45ecf7e3a9e1a3dedd5c2ce 2007.0/i586/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.i586.rpm\n 5e551ab45061148722dda1d7ce66959e 2007.0/i586/mozilla-thunderbird-bg-1.5.0.8-1.1mdv2007.0.i586.rpm\n 2149a7fd629b8bc6843c6fdf1bb49efb 2007.0/i586/mozilla-thunderbird-ca-1.5.0.8-1.1mdv2007.0.i586.rpm\n 0d2315b490e3b8dd2ab791bd6c3ee516 2007.0/i586/mozilla-thunderbird-cs-1.5.0.8-1.1mdv2007.0.i586.rpm\n d5583d1b99b948c90e1cad62d753d67d 2007.0/i586/mozilla-thunderbird-da-1.5.0.8-1.1mdv2007.0.i586.rpm\n 00ec607c39d3de4c589997d6c7ee6679 2007.0/i586/mozilla-thunderbird-de-1.5.0.8-1.1mdv2007.0.i586.rpm\n 6d1f0f2576362a0bb90b4f9d8c4f2153 2007.0/i586/mozilla-thunderbird-devel-1.5.0.8-1.1mdv2007.0.i586.rpm\n 2cb0e44d2e3f7fddd60249843204403f 2007.0/i586/mozilla-thunderbird-el-1.5.0.8-1.1mdv2007.0.i586.rpm\n 0c3c771882698d5651775aeed24bfd73 2007.0/i586/mozilla-thunderbird-enigmail-1.5.0.8-1.1mdv2007.0.i586.rpm\n 477ca905391c1d555d0136d46d557869 2007.0/i586/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1mdv2007.0.i586.rpm\n 741811dd392d942b27e1b3b0de695d4e 2007.0/i586/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1mdv2007.0.i586.rpm\n 7c2c4922c6a2c6ce2cb6108a95f7dbfa 2007.0/i586/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1mdv2007.0.i586.rpm\n 7cbf9f3218d587ef97edf01f2298096b 2007.0/i586/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1mdv2007.0.i586.rpm\n 7dbd9e4c16db82a761a7b502c1f7f22d 2007.0/i586/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1mdv2007.0.i586.rpm\n b6dd6119216f6b748ee7c1570c3b8c37 2007.0/i586/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1mdv2007.0.i586.rpm\n 1eea732e08ca0ef96796c3f50abb1f77 2007.0/i586/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1mdv2007.0.i586.rpm\n e1cc5cf2496581d776bb43e2f0dbbea6 2007.0/i586/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1mdv2007.0.i586.rpm\n af86ce82ff9053250f82f2215c8dd7e5 2007.0/i586/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1mdv2007.0.i586.rpm\n 6319633c561c7f68c6614685126da02b 2007.0/i586/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1mdv2007.0.i586.rpm\n 56387829c6cc83882246e68e3b8704b0 2007.0/i586/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1mdv2007.0.i586.rpm\n 56cb838bb0c375f53d3cff2eb76a1118 2007.0/i586/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1mdv2007.0.i586.rpm\n 253500598ff56ab85394e68708ace21d 2007.0/i586/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1mdv2007.0.i586.rpm\n 53b4d4f1aa4e8174a33a0ed436ce961a 2007.0/i586/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1mdv2007.0.i586.rpm\n fb9dd6933d27029538cd01a64ec55cee 2007.0/i586/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1mdv2007.0.i586.rpm\n 701b9837303a3ed79e6c74c037c28926 2007.0/i586/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1mdv2007.0.i586.rpm\n b3739c1344770e92864c50f131f08884 2007.0/i586/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1mdv2007.0.i586.rpm\n 1efe7ebc2a71e2f2d6c2785026a6e7ac 2007.0/i586/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1mdv2007.0.i586.rpm\n 6860352b37999652aab785a266673e2f 2007.0/i586/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1mdv2007.0.i586.rpm\n 51abe323b14793097935b0c221e64f71 2007.0/i586/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1mdv2007.0.i586.rpm\n b8ec884437a460c9fbb5c71db6a46c31 2007.0/i586/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1mdv2007.0.i586.rpm\n 9ae4fb1871ee29f3f7b52210c0cf4e1b 2007.0/i586/mozilla-thunderbird-es-1.5.0.8-1.1mdv2007.0.i586.rpm\n e1a31b03ffef8e86df09579296fce3c9 2007.0/i586/mozilla-thunderbird-es_AR-1.5.0.8-1.1mdv2007.0.i586.rpm\n 6b4bdbb4648231b128655e56015621c7 2007.0/i586/mozilla-thunderbird-eu-1.5.0.8-1.1mdv2007.0.i586.rpm\n d333252ee1ba51351762e4050565ecb1 2007.0/i586/mozilla-thunderbird-fi-1.5.0.8-1.1mdv2007.0.i586.rpm\n 0a2828dbab70a2be0e721cc016f93d7f 2007.0/i586/mozilla-thunderbird-fr-1.5.0.8-1.1mdv2007.0.i586.rpm\n defa2ac291c66f693946362bd2501c40 2007.0/i586/mozilla-thunderbird-ga-1.5.0.8-1.1mdv2007.0.i586.rpm\n c5540aa8289eefbf3e708e442de77aa8 2007.0/i586/mozilla-thunderbird-gu_IN-1.5.0.8-1.1mdv2007.0.i586.rpm\n 45da9968c4661ef994ef1dcefd0ad54f 2007.0/i586/mozilla-thunderbird-he-1.5.0.8-1.1mdv2007.0.i586.rpm\n df8d2ea1013a65457aa1f2100060d968 2007.0/i586/mozilla-thunderbird-hu-1.5.0.8-1.1mdv2007.0.i586.rpm\n f87f2441b2ca36d4f5c3f3f2dd04b3bb 2007.0/i586/mozilla-thunderbird-it-1.5.0.8-1.1mdv2007.0.i586.rpm\n bc3a281fbc5c09b7f962dfb1d3b9e517 2007.0/i586/mozilla-thunderbird-ja-1.5.0.8-1.1mdv2007.0.i586.rpm\n 2563050985477697472069d08e96de0f 2007.0/i586/mozilla-thunderbird-ko-1.5.0.8-1.1mdv2007.0.i586.rpm\n e22be985ae58ab3eba5b90aa6a3eb58e 2007.0/i586/mozilla-thunderbird-lt-1.5.0.8-1.1mdv2007.0.i586.rpm\n fde0d1b9c4feee3c1e239345f4065090 2007.0/i586/mozilla-thunderbird-mk-1.5.0.8-1.1mdv2007.0.i586.rpm\n 10be2386887a6c70bc4f9c0453b33072 2007.0/i586/mozilla-thunderbird-nb-1.5.0.8-1.1mdv2007.0.i586.rpm\n 1c92d5ee79fc52ec1525f3c96dfa1916 2007.0/i586/mozilla-thunderbird-nl-1.5.0.8-1.1mdv2007.0.i586.rpm\n 42e6ddb4a33a297c71b996bf651a4d69 2007.0/i586/mozilla-thunderbird-pa_IN-1.5.0.8-1.1mdv2007.0.i586.rpm\n 96394d1245284a886b954bb063c0ab5b 2007.0/i586/mozilla-thunderbird-pl-1.5.0.8-1.1mdv2007.0.i586.rpm\n 8386317130e064260bd8b114616410ed 2007.0/i586/mozilla-thunderbird-pt_BR-1.5.0.8-1.1mdv2007.0.i586.rpm\n eb622e8adc0767e090a608e80a1611b7 2007.0/i586/mozilla-thunderbird-ru-1.5.0.8-1.1mdv2007.0.i586.rpm\n 3ca6736aaf725851a0be21f0490aeb20 2007.0/i586/mozilla-thunderbird-sk-1.5.0.8-1.1mdv2007.0.i586.rpm\n 47b16b8c45acc936b62051594ed87c69 2007.0/i586/mozilla-thunderbird-sl-1.5.0.8-1.1mdv2007.0.i586.rpm\n c2e742162882c52761040025ff4ddfff 2007.0/i586/mozilla-thunderbird-sv-1.5.0.8-1.1mdv2007.0.i586.rpm\n 072c5224bd49a45ba7ab0a57f657ec6e 2007.0/i586/mozilla-thunderbird-tr-1.5.0.8-1.1mdv2007.0.i586.rpm\n 3393e810730d305adc4fe8ecc98b782a 2007.0/i586/mozilla-thunderbird-zh_CN-1.5.0.8-1.1mdv2007.0.i586.rpm\n 70882501b0fc01a56cee67c2b7c63ac5 2007.0/i586/nsinstall-1.5.0.8-1.1mdv2007.0.i586.rpm \n e408368ca02e7efbbece9adbaaea7d56 2007.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.src.rpm\n 7867a124b85e4a8098ec7b814267c1f5 2007.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1mdv2007.0.src.rpm\n e776e0c4c5a6ff592af0c346bf8b4511 2007.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 47aa8c7af46ee44f1b51e0f44772beeb 2007.0/x86_64/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n e284b46733e04ab96cccb612de04e5a8 2007.0/x86_64/mozilla-thunderbird-bg-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n e73efd093c48aa82d6f73025f1ade443 2007.0/x86_64/mozilla-thunderbird-ca-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n ed790bdd1a45343b427925765f5f2b5c 2007.0/x86_64/mozilla-thunderbird-cs-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 61690a97ef04b6083693ffe4a9ab3176 2007.0/x86_64/mozilla-thunderbird-da-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 889574eda89385739aad6eda7f3d2604 2007.0/x86_64/mozilla-thunderbird-de-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n ef9b59cdd619da74737b5e91e4067386 2007.0/x86_64/mozilla-thunderbird-devel-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n e20a88ece32f8ee81aaedd828558d880 2007.0/x86_64/mozilla-thunderbird-el-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 250f6f86984922da278774d480ba37a7 2007.0/x86_64/mozilla-thunderbird-enigmail-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n f683dba38c9055cbac36f8468e357ebf 2007.0/x86_64/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 6594d0bb3f7770f168728827c1cf9f83 2007.0/x86_64/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 1ee011c3c94c7b081f53b9a55996da0c 2007.0/x86_64/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n be24dd32e628b8294c1b87d200cf02dd 2007.0/x86_64/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 020acf8e510080a701c6278c6eb862ae 2007.0/x86_64/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n af4c92e4f3eaf833111572ead14c8c04 2007.0/x86_64/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 7483c3a55198fcbc9be2c9750919a370 2007.0/x86_64/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 753acdb58e6400659dab48ff78f371e7 2007.0/x86_64/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n fb83f542bd12edda5e85d9873a08a938 2007.0/x86_64/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 996bbfb13654cfc2180036ea6b1e61df 2007.0/x86_64/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n ff6217b99ab96a1444b6a758bf184ecf 2007.0/x86_64/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n f15d9f053011068deba71fdc05dc6d46 2007.0/x86_64/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 98f63b0dedef781ec16f8bebb6a032cb 2007.0/x86_64/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n e5e42bb849d26a4f59fb6204d6ed9850 2007.0/x86_64/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 8bc9d56d4778baf40b115eb805a506b3 2007.0/x86_64/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 21c7d7ffd14a724e4ce9d96e99d0f3c7 2007.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 9b115831c8ae36d7141c93a9d867d445 2007.0/x86_64/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n d6efb3cdaba13c17dd31147011796614 2007.0/x86_64/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 4239765036a0bffaa4fcff9fb076a221 2007.0/x86_64/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n be87cc456600cb0dc18730ae3f75af92 2007.0/x86_64/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 459367e42865a1de4374d2a9b8c36232 2007.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 1e1b30720806b2c6ab650251f9756127 2007.0/x86_64/mozilla-thunderbird-es-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 70c5525bea63d291374706abfb4523c4 2007.0/x86_64/mozilla-thunderbird-es_AR-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 4addf81f6fdb0fe55d2274ba726d066e 2007.0/x86_64/mozilla-thunderbird-eu-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 9c9a1e6a7623a712f40666e77fd3f2b4 2007.0/x86_64/mozilla-thunderbird-fi-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 9cd9d0509bbe4d0bc7c092118253c237 2007.0/x86_64/mozilla-thunderbird-fr-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n b23236fc11caa38b1354893f1e9863e1 2007.0/x86_64/mozilla-thunderbird-ga-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n c5b898d7f04c26a34bb4223ee4547586 2007.0/x86_64/mozilla-thunderbird-gu_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 8e114fec014131d472790035a1509783 2007.0/x86_64/mozilla-thunderbird-he-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 3eda3b36a83c550a1f52faf6adfb0b10 2007.0/x86_64/mozilla-thunderbird-hu-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n c336cc525567465d1649ee55c604d3a3 2007.0/x86_64/mozilla-thunderbird-it-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 476f974ea2e3b9ef971231b8b08e62f0 2007.0/x86_64/mozilla-thunderbird-ja-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 7878332de8134b9025b924315d6ffbf6 2007.0/x86_64/mozilla-thunderbird-ko-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 7602f9099c26d60e934f54918dd38e46 2007.0/x86_64/mozilla-thunderbird-lt-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 52ba4b91175db4376fd4c4e9018969c3 2007.0/x86_64/mozilla-thunderbird-mk-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 1e2bc31ee83c5c47f06953aba976a27d 2007.0/x86_64/mozilla-thunderbird-nb-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 47b180beb65802e89f7e6a8be7f33d15 2007.0/x86_64/mozilla-thunderbird-nl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 6485a71b5d07fef3e337630aa53bb4c6 2007.0/x86_64/mozilla-thunderbird-pa_IN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 6b5df9cad533fc75fc47191df5f3dabf 2007.0/x86_64/mozilla-thunderbird-pl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 99b61d660a72eff639f78ec0422aeaf2 2007.0/x86_64/mozilla-thunderbird-pt_BR-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 99cfe247978fe85b5b5186bf12247f3a 2007.0/x86_64/mozilla-thunderbird-ru-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 8c393629997cea717c2f1e8d077a9344 2007.0/x86_64/mozilla-thunderbird-sk-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n be518e4b4833e6cb9d083871101be35b 2007.0/x86_64/mozilla-thunderbird-sl-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 8dedff0ffd0e7b7721b256f01821f188 2007.0/x86_64/mozilla-thunderbird-sv-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 05202d61506a60981fb9a317ce6a5d5d 2007.0/x86_64/mozilla-thunderbird-tr-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 0deda88ec857fb0c11b57555814a20ec 2007.0/x86_64/mozilla-thunderbird-zh_CN-1.5.0.8-1.1mdv2007.0.x86_64.rpm\n 0f2f7928b2edfbe0ae5faf127b0ed066 2007.0/x86_64/nsinstall-1.5.0.8-1.1mdv2007.0.x86_64.rpm \n e408368ca02e7efbbece9adbaaea7d56 2007.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1mdv2007.0.src.rpm\n 7867a124b85e4a8098ec7b814267c1f5 2007.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1mdv2007.0.src.rpm\n e776e0c4c5a6ff592af0c346bf8b4511 2007.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n 71192ef0a8bd28533718191d287d8158 corporate/3.0/i586/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.i586.rpm\n c0121a4a0192d7944b1f8d30c977ab38 corporate/3.0/i586/mozilla-thunderbird-bg-1.5.0.8-1.1.C30mdk.i586.rpm\n 53c403f48cb8547f0eb646ab1b41b656 corporate/3.0/i586/mozilla-thunderbird-ca-1.5.0.8-1.1.C30mdk.i586.rpm\n 032ebcc12942292620b05929e0583f3a corporate/3.0/i586/mozilla-thunderbird-cs-1.5.0.8-1.1.C30mdk.i586.rpm\n c88d6e26aa75dab433abcf71f2962e5c corporate/3.0/i586/mozilla-thunderbird-da-1.5.0.8-1.1.C30mdk.i586.rpm\n dcc54cb45829470f4267806696b46eca corporate/3.0/i586/mozilla-thunderbird-de-1.5.0.8-1.1.C30mdk.i586.rpm\n e7ba899422d7cbfd343659b810e4ee52 corporate/3.0/i586/mozilla-thunderbird-devel-1.5.0.8-1.1.C30mdk.i586.rpm\n d987b44bd201c2a23b404751e13df538 corporate/3.0/i586/mozilla-thunderbird-el-1.5.0.8-1.1.C30mdk.i586.rpm\n 9d496fa524a5226676f56ed87d2015ec corporate/3.0/i586/mozilla-thunderbird-enigmail-1.5.0.8-1.1.C30mdk.i586.rpm\n eac64993c47963ede70eca5fb62e30b9 corporate/3.0/i586/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1.C30mdk.i586.rpm\n b5523fcbf2370d1805e1f917faaa31c8 corporate/3.0/i586/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1.C30mdk.i586.rpm\n 1eb806fe5a429b52f010e16aeed4cb4a corporate/3.0/i586/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1.C30mdk.i586.rpm\n 1a8da00f3e4033ec813df4548072ac9f corporate/3.0/i586/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1.C30mdk.i586.rpm\n 3a2434c868a3b5799cb69c31d43f900c corporate/3.0/i586/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1.C30mdk.i586.rpm\n a1bb48121d53f83bf0efd303ea477b71 corporate/3.0/i586/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1.C30mdk.i586.rpm\n 6f9d308c194ae42cfa0787afdebff2cc corporate/3.0/i586/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1.C30mdk.i586.rpm\n bb3c3cf4056814131f8031471c81ac6f corporate/3.0/i586/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1.C30mdk.i586.rpm\n 4228aaf098c501a80af97469393482b5 corporate/3.0/i586/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1.C30mdk.i586.rpm\n 3a95ad54416e2f002d1aaa32557cf947 corporate/3.0/i586/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1.C30mdk.i586.rpm\n 19e1eac0351d89760ee31b4c9ee4fcc4 corporate/3.0/i586/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1.C30mdk.i586.rpm\n 1c21de0415bd0223237aa82795cc9600 corporate/3.0/i586/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1.C30mdk.i586.rpm\n a11487e4145c294a57a77491f6996748 corporate/3.0/i586/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1.C30mdk.i586.rpm\n 31064002ac59d4857c3c45c3161580dc corporate/3.0/i586/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1.C30mdk.i586.rpm\n fc88eeba422b084ffa67b77211248ef0 corporate/3.0/i586/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1.C30mdk.i586.rpm\n 4ead83e3405e7469370b4f02a9254ddc corporate/3.0/i586/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1.C30mdk.i586.rpm\n 3a15b707a6d7f8e9b25c1ccaea023333 corporate/3.0/i586/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1.C30mdk.i586.rpm\n 1a8c565fd3b42069b2e42103d98dfab2 corporate/3.0/i586/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1.C30mdk.i586.rpm\n 0040d479d7e55304c06df39b2233d12e corporate/3.0/i586/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1.C30mdk.i586.rpm\n 6fab1321b377748e22a6709b772d5159 corporate/3.0/i586/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1.C30mdk.i586.rpm\n 1969ec5d6cc27df2f09f9733b5b37c6d corporate/3.0/i586/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1.C30mdk.i586.rpm\n 0c34a8e8bd3f9011283fe990771a857a corporate/3.0/i586/mozilla-thunderbird-es-1.5.0.8-1.1.C30mdk.i586.rpm\n 68781ca20e2232457046bdab86b59462 corporate/3.0/i586/mozilla-thunderbird-es_AR-1.5.0.8-1.1.C30mdk.i586.rpm\n 37c3909b8feb9a35208519ccf4ec8a46 corporate/3.0/i586/mozilla-thunderbird-eu-1.5.0.8-1.1.C30mdk.i586.rpm\n ea2febd0e93d9348fd580452f7adc0be corporate/3.0/i586/mozilla-thunderbird-fi-1.5.0.8-1.1.C30mdk.i586.rpm\n 2eac2aaeb4fe209f98aa85505f6a9b87 corporate/3.0/i586/mozilla-thunderbird-fr-1.5.0.8-1.1.C30mdk.i586.rpm\n d8d8fc30075f0848859cbe96b26404a7 corporate/3.0/i586/mozilla-thunderbird-ga-1.5.0.8-1.1.C30mdk.i586.rpm\n 3af19a8b01fb316451132e6460c7deb0 corporate/3.0/i586/mozilla-thunderbird-gu_IN-1.5.0.8-1.1.C30mdk.i586.rpm\n f7aed893e50dff94f47d658d70093824 corporate/3.0/i586/mozilla-thunderbird-he-1.5.0.8-1.1.C30mdk.i586.rpm\n ab6ead860edf6de4935aa3bb4ecf4721 corporate/3.0/i586/mozilla-thunderbird-hu-1.5.0.8-1.1.C30mdk.i586.rpm\n a9b0bc2b2bcf186b5a284cba3d6cad19 corporate/3.0/i586/mozilla-thunderbird-it-1.5.0.8-1.1.C30mdk.i586.rpm\n 373554b2032c20a61c48f4a4e11e5b57 corporate/3.0/i586/mozilla-thunderbird-ja-1.5.0.8-1.1.C30mdk.i586.rpm\n 1a2efc51627d9f55929e1b33e20f5274 corporate/3.0/i586/mozilla-thunderbird-ko-1.5.0.8-1.1.C30mdk.i586.rpm\n 27ab1d70b317c477b56df8223a8477b4 corporate/3.0/i586/mozilla-thunderbird-lt-1.5.0.8-1.1.C30mdk.i586.rpm\n 0bcd50b34bec84016747f4919b43b8e1 corporate/3.0/i586/mozilla-thunderbird-mk-1.5.0.8-1.1.C30mdk.i586.rpm\n 4b26e1653ccf78604c16b25ed7357dfb corporate/3.0/i586/mozilla-thunderbird-nb-1.5.0.8-1.1.C30mdk.i586.rpm\n ea1a0d0349f9a2f26b23c7678d7e5736 corporate/3.0/i586/mozilla-thunderbird-nl-1.5.0.8-1.1.C30mdk.i586.rpm\n 7d7c13e7a820c069b3c657adf57443d9 corporate/3.0/i586/mozilla-thunderbird-pa_IN-1.5.0.8-1.1.C30mdk.i586.rpm\n ef0755e523de702c802890f494ee5ea0 corporate/3.0/i586/mozilla-thunderbird-pl-1.5.0.8-1.1.C30mdk.i586.rpm\n f7618d53bff6c0764297f2352c5d0239 corporate/3.0/i586/mozilla-thunderbird-pt_BR-1.5.0.8-1.1.C30mdk.i586.rpm\n 8df8db645153b5f7539044d5f892ad54 corporate/3.0/i586/mozilla-thunderbird-ru-1.5.0.8-1.1.C30mdk.i586.rpm\n d26cb2fbb5301bcf127ea4e4606f52b9 corporate/3.0/i586/mozilla-thunderbird-sk-1.5.0.8-1.1.C30mdk.i586.rpm\n f57d3dd11471a798542b87f0a3c68e82 corporate/3.0/i586/mozilla-thunderbird-sl-1.5.0.8-1.1.C30mdk.i586.rpm\n f3aede5440aeb78b59350fe56bb221d2 corporate/3.0/i586/mozilla-thunderbird-sv-1.5.0.8-1.1.C30mdk.i586.rpm\n bda7588d80565c17190fb407bdc3b1b2 corporate/3.0/i586/mozilla-thunderbird-tr-1.5.0.8-1.1.C30mdk.i586.rpm\n 5f0764d5685d0836bd718fdc86b8a73a corporate/3.0/i586/mozilla-thunderbird-zh_CN-1.5.0.8-1.1.C30mdk.i586.rpm\n 2a1892c7e027dba761df43c98bb5e85f corporate/3.0/i586/nsinstall-1.5.0.8-1.1.C30mdk.i586.rpm \n 04cdbf8cd4c1b9baf1b1c34e0c7bfcb9 corporate/3.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.src.rpm\n 98c5a4c000178cf57677fa6ee70adb71 corporate/3.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1.C30mdk.src.rpm\n 124ecce0dd9a26b565eef6c2f7e14401 corporate/3.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n c109965ada094232d0958a8121be977a corporate/3.0/x86_64/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.x86_64.rpm\n e50d4054e85e4624b285067c75cfab18 corporate/3.0/x86_64/mozilla-thunderbird-bg-1.5.0.8-1.1.C30mdk.x86_64.rpm\n f8cc5e4a36961ef4db2b8632fc6734d9 corporate/3.0/x86_64/mozilla-thunderbird-ca-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 70e0a1878ce810ee835e7eca08a11e12 corporate/3.0/x86_64/mozilla-thunderbird-cs-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 50abb11664ca02e6d77cbf30396e5398 corporate/3.0/x86_64/mozilla-thunderbird-da-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 5565876286c51872fb0ff90df059f052 corporate/3.0/x86_64/mozilla-thunderbird-de-1.5.0.8-1.1.C30mdk.x86_64.rpm\n cdd3892a5ba2a7c1ffe29d009e9d23a9 corporate/3.0/x86_64/mozilla-thunderbird-devel-1.5.0.8-1.1.C30mdk.x86_64.rpm\n ba3e7a92e79e00cd74b722ab94d832eb corporate/3.0/x86_64/mozilla-thunderbird-el-1.5.0.8-1.1.C30mdk.x86_64.rpm\n c11927081645df376c72f27e8ebc6a85 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 448172b7c753b48c81b2a2c5d337b9e5 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-ca-1.5.0.8-1.1.C30mdk.x86_64.rpm\n b83c0eb2158672f087fd5754ca27efad corporate/3.0/x86_64/mozilla-thunderbird-enigmail-cs-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 49b91f3eae7a0773ecce62f635a6dfe9 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-de-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 3a0cf5325721e29c4eba9ee7cbc7efb7 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-el-1.5.0.8-1.1.C30mdk.x86_64.rpm\n cadf1aff1e915adb9e14539eb04521db corporate/3.0/x86_64/mozilla-thunderbird-enigmail-es-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 8218118b837bf05b3603652f0d4c5690 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-es_AR-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 7c7190fc9ec1fc5774436ec7b0c92fd5 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-fi-1.5.0.8-1.1.C30mdk.x86_64.rpm\n a42f63c64470ba933d6239bdf8b1569c corporate/3.0/x86_64/mozilla-thunderbird-enigmail-fr-1.5.0.8-1.1.C30mdk.x86_64.rpm\n af8c5d7e3569278f3e9d364362be25b3 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-hu-1.5.0.8-1.1.C30mdk.x86_64.rpm\n c749a5b7ac03ad98919f83425fcbd4c2 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-it-1.5.0.8-1.1.C30mdk.x86_64.rpm\n ac82cd1f4fc0c5ed57be5b165cc65be4 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-ja-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 0fbd67977bdfc1b1f9aa3c846c80c244 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-nb-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 4d26f0c7b32d3888e1e5c4c14516a4df corporate/3.0/x86_64/mozilla-thunderbird-enigmail-nl-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 37fbc8358f1f11d5cb9f0e9b2fab3b26 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-pl-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 6bec775a601e84be547246ae5638d059 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-pt-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 0dc1c40ef6d1a233661048447db25543 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 7ec948cc8df84aae6b3d660bd4187208 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-ru-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 4b7ba48ffeff51709b26c8f315a4aaa1 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-sk-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 94fceae9b7bc6d48fe2677eecaaf11a6 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-sl-1.5.0.8-1.1.C30mdk.x86_64.rpm\n d578499c38c981f2b8cc55fc1351efef corporate/3.0/x86_64/mozilla-thunderbird-enigmail-sv-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 095291274be4a418d05c4e96cb441d90 corporate/3.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 272b554e86966e103d3e7f42b5cba9db corporate/3.0/x86_64/mozilla-thunderbird-es-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 52bd52c4d5eaad6fa541dd20db5411d0 corporate/3.0/x86_64/mozilla-thunderbird-es_AR-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 2536b28aa209a912ff74601db4e685b4 corporate/3.0/x86_64/mozilla-thunderbird-eu-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 484ad35799b9a8cd277754bf1b13d686 corporate/3.0/x86_64/mozilla-thunderbird-fi-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 42ff5a3a8320c4be3ffb1f1d74912f78 corporate/3.0/x86_64/mozilla-thunderbird-fr-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 8a46a1d9f9380c205699ce090d749ff2 corporate/3.0/x86_64/mozilla-thunderbird-ga-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 3c30c5aeee783bfabe34fb1ff7357d38 corporate/3.0/x86_64/mozilla-thunderbird-gu_IN-1.5.0.8-1.1.C30mdk.x86_64.rpm\n a90b14f77d6eed2228bfa55457803f6f corporate/3.0/x86_64/mozilla-thunderbird-he-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 719239492f7d93b04f2c95902fccf94c corporate/3.0/x86_64/mozilla-thunderbird-hu-1.5.0.8-1.1.C30mdk.x86_64.rpm\n f52bcdf19f10745e756f0d58616126df corporate/3.0/x86_64/mozilla-thunderbird-it-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 79826e403152cbe90ddf3bd4d8d64abe corporate/3.0/x86_64/mozilla-thunderbird-ja-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 18c08993c8f43c976be6cf2e8cfb2c35 corporate/3.0/x86_64/mozilla-thunderbird-ko-1.5.0.8-1.1.C30mdk.x86_64.rpm\n b17866029fe4244a77af59fbb55a07b9 corporate/3.0/x86_64/mozilla-thunderbird-lt-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 878f59fdb3ebb5929fc23437a17fb5ad corporate/3.0/x86_64/mozilla-thunderbird-mk-1.5.0.8-1.1.C30mdk.x86_64.rpm\n d62fb25dc173e8b12be8623ae8fbf9bf corporate/3.0/x86_64/mozilla-thunderbird-nb-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 266322718c7cedd78e89524940f15d55 corporate/3.0/x86_64/mozilla-thunderbird-nl-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 32c5fcab859aff66aaf704b997a1c625 corporate/3.0/x86_64/mozilla-thunderbird-pa_IN-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 17d7eeb0fbd25df1f76d5fa875ef7a3d corporate/3.0/x86_64/mozilla-thunderbird-pl-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 4aabd47a35cb15547ccbe4eda1b521e8 corporate/3.0/x86_64/mozilla-thunderbird-pt_BR-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 1d8d27be2902605b0eae9dcbd89654cc corporate/3.0/x86_64/mozilla-thunderbird-ru-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 6c116048a69b3c176831fde5ff0a252a corporate/3.0/x86_64/mozilla-thunderbird-sk-1.5.0.8-1.1.C30mdk.x86_64.rpm\n e5bcb8518c5a61e63e62f90c363c67ae corporate/3.0/x86_64/mozilla-thunderbird-sl-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 5569afdd940d28bdf37a1003d5d5d6b0 corporate/3.0/x86_64/mozilla-thunderbird-sv-1.5.0.8-1.1.C30mdk.x86_64.rpm\n d00245da432be7a7d268846891555930 corporate/3.0/x86_64/mozilla-thunderbird-tr-1.5.0.8-1.1.C30mdk.x86_64.rpm\n ee130a70f9b1fe5719fea63963f3db6d corporate/3.0/x86_64/mozilla-thunderbird-zh_CN-1.5.0.8-1.1.C30mdk.x86_64.rpm\n 81f41bebeb9eca34d7c27ab81ca41af6 corporate/3.0/x86_64/nsinstall-1.5.0.8-1.1.C30mdk.x86_64.rpm \n 04cdbf8cd4c1b9baf1b1c34e0c7bfcb9 corporate/3.0/SRPMS/mozilla-thunderbird-1.5.0.8-1.1.C30mdk.src.rpm\n 98c5a4c000178cf57677fa6ee70adb71 corporate/3.0/SRPMS/mozilla-thunderbird-enigmail-l10n-1.5.0.8-1.1.C30mdk.src.rpm\n 124ecce0dd9a26b565eef6c2f7e14401 corporate/3.0/SRPMS/mozilla-thunderbird-l10n-1.5.0.8-1.1.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFU42GmqjQ0CJFipgRAiJgAKDQ8K7lgpOsNzXOQcSOrfcVrHQ4sACeLaqm\n75x+jP9FNzlE7ieAV3r7Czs=\n=DdKu\n-----END PGP SIGNATURE-----\n\n. =========================================================== \nUbuntu Security Notice USN-381-1 November 16, 2006\nfirefox vulnerabilities\nCVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747,\nCVE-2006-5748\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 5.10\nUbuntu 6.06 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 5.10:\n firefox 1.5.dfsg+1.5.0.8-0ubuntu0.5.10\n firefox-dev 1.5.dfsg+1.5.0.8-0ubuntu0.5.10\n\nUbuntu 6.06 LTS:\n firefox 1.5.dfsg+1.5.0.8-0ubuntu0.6.06\n firefox-dev 1.5.dfsg+1.5.0.8-0ubuntu0.6.06\n libnspr-dev 1.5.dfsg+1.5.0.8-0ubuntu0.6.06\n libnspr4 1.5.dfsg+1.5.0.8-0ubuntu0.6.06\n libnss-dev 1.5.dfsg+1.5.0.8-0ubuntu0.6.06\n libnss3 1.5.dfsg+1.5.0.8-0ubuntu0.6.06\n\nAfter a standard system upgrade you need to restart Firefox to\neffect the necessary changes. \n\nDetails follow:\n\nUSN-351-1 fixed a flaw in the verification of PKCS certificate\nsignatures. Ulrich Kuehn discovered a variant of the original attack\nwhich the original fix did not cover. (CVE-2006-5463,\nCVE-2006-5464, CVE-2006-5747, CVE-2006-5748)\n\n\nUpdated packages for Ubuntu 5.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.diff.gz\n Size/MD5: 177335 10b377fae580ae8f70363ffd70e47269\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.dsc\n Size/MD5: 1056 5db441b8802f27c49571095404b73bb7\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz\n Size/MD5: 44080423 9716c747d634997ec34dbf5f2e9ed80f\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb\n Size/MD5: 49586 9c0480fccb28d05f504b4b07811bccc1\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb\n Size/MD5: 50476 ad8be2b891ceb1884c64b04057201418\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb\n Size/MD5: 82786 7c57efcd467f65b5fddb99045f368cde\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb\n Size/MD5: 10228966 98741e95215a819e389680e91f18e72e\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb\n Size/MD5: 3152342 e0ab77c6e143bb59b43fd92d34b68900\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb\n Size/MD5: 216484 8c13b0af86b6f83f5ee92e6367a887d7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb\n Size/MD5: 210022 38257be6e6a43928bb10802118a264af\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb\n Size/MD5: 75156 0d8a65e5fa64cb0e4230e85e975a05d7\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb\n Size/MD5: 3152316 f4b306a5bf76d7788c581ae969a754d0\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb\n Size/MD5: 8651302 6f375546f6d948932f4a1652b3569e70\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb\n Size/MD5: 3152444 7293cd7542ea90e41823b76b822a6e8b\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb\n Size/MD5: 213430 b274f35517ffb38ce880679d79764a52\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb\n Size/MD5: 78406 41578a0497fce59bee796ff4fcdaab3c\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb\n Size/MD5: 9831168 0aabf7e840fef774adc05edef039caad\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb\n Size/MD5: 76784 d69cac5024601a5ea20074e9964e288e\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb\n Size/MD5: 9166628 27f5d52e3c828c8b1604b0982dda7cc3\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb\n Size/MD5: 210978 4a5ffba99714c584ca8e349b988c4400\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb\n Size/MD5: 3152400 65ee6a126404960525e73d7c32d587d7\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.diff.gz\n Size/MD5: 175871 52f1c28309ee6c7ef8c2f1d43d963cf8\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.dsc\n Size/MD5: 1113 cd1281da2de45441a5a3e6034a38ab13\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz\n Size/MD5: 44080423 9716c747d634997ec34dbf5f2e9ed80f\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb\n Size/MD5: 49602 ab797aec8733b6c3e2280cdb09b64d1a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb\n Size/MD5: 50490 1b3e5005f5e3fa797b3682b200cc50d4\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 47328882 934c4351e36288e88e1168c041542f5a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 2798910 7ee44fb3180623ce8a3a1f9efeb0d419\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 216552 92a1743a061e332e080a626dbd399570\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 82776 7d4b77da6a355c5e9f0113aaba778b03\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 9420500 dc95e234fc1c321b64073816aa347550\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 219228 e12302edf6ea04accaf83a8879dff274\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 162300 35187fec0d3be43ef0aa9bd83dfabd6b\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 236150 c98d56050fe2e27e3915acf2662aa8d4\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb\n Size/MD5: 757954 8ee38f642969b44e7d342d89e0c91dfd\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 43902878 41afd17ae29b433ff26e51ef80e04599\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 2798856 219ca82f455cad14a0021c0f66d6e8c0\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 209962 02b36bc31e994256b74dd3d84dba7254\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 75136 388a11c39a72e0a9a1969a5a1c0a48f8\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 7932082 d6b266569d4bf056aa04a760459b8fc8\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 219220 38b33e647137f579876b9047657fe390\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 146980 57afd15fd3b17f8d5bf53b72592889e4\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 236146 3936122367330caea7cf573973bdb0a2\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb\n Size/MD5: 670102 67a930f2102173f1c84dd0ddf751b388\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 48721788 ad5ed6cebb6c5c97521e8416cbb6ba06\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 2798932 aa5d623d34acb2bea9e7a1dc21e891dc\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 213390 0323fadebfa079e9724e1cf3e930b977\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 78300 fda19c102717648e93f332314c0d8020\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 9031548 360d013efe74f061ba266d4ae7ff9177\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 219224 7385d32cb21f0b83933822c4495a6783\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 159522 ee71fefedbaade594b3b0064524db684\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 236156 8ea5d14656d349724f5b254e035dfc2f\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb\n Size/MD5: 768836 19b4c155f8c00ccff6656590d4ffc3be\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 45291164 417432698e5e51ae96d59ac90cc8390a\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 2798918 6d3cfdc63c80688263b567e06e876d74\n http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 210898 d8884f2ae360e55fdcad1b1ef8b3e338\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 76754 68db0c6ff37422083ed5f0a46103a723\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 8425346 ea28be8619f1411eaff2f7fba07a47f5\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 219232 a81a2dedef311f71a8c3ae1b96d7b9d1\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 149470 08152c38d3129bc6bf3164d6f48727cc\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 236140 3b742ce49bbb397b1de45a8371672828\n http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb\n Size/MD5: 682188 d4155e8163fed88108c17a31d0320e69\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1225-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nDecember 3rd, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : mozilla-firefox\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-4310 CVE-2006-5462 CVE-2006-5463 CVE-2006-5464\n CVE-2006-5748\nCERT advisories: VU#335392 VU#390480 VU#495288 VU#714496 \nBugTraq IDs : 19678 20957\n\nSeveral security related problems have been discovered in Mozilla and\nderived products such as Mozilla Firefox. The Common Vulnerabilities\nand Exposures project identifies the following vulnerabilities:\n\nCVE-2006-4310\n\n Tomas Kempinsky discovered that malformed FTP server responses\n could lead to denial of service. \n\nCVE-2006-5462\n\n Ulrich K\\xfchn discovered that the correction for a cryptographic\n flaw in the handling of PKCS-1 certificates was incomplete, which\n allows the forgery of certificates. \n\nCVE-2006-5463\n\n \"shutdown\" discovered that modification of JavaScript objects\n during execution could lead to the execution of arbitrary\n JavaScript bytecode. \n\nCVE-2006-5464\n\n Jesse Ruderman and Martijn Wargers discovered several crashes in\n the layout engine, which might also allow execution of arbitrary\n code. \n\nCVE-2006-5748\n\n Igor Bukanov and Jesse Ruderman discovered several crashes in the\n JavaScript engine, which might allow execution of arbitrary code. \n\nThis update also adresses several crashes, which could be triggered by\nmalicious websites and fixes a regression introduced in the previous\nMozilla update. \n\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.0.4-2sarge13. \n\nFor the unstable distribution (sid) these problems have been fixed in\nthe current iceweasel package 2.0+dfsg-1. \n\nWe recommend that you upgrade your mozilla-firefox package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13.dsc\n Size/MD5 checksum: 1003 4a8d05c1e9563e6066ca838e7c0b2f53\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13.diff.gz\n Size/MD5 checksum: 450265 46d4bedf12a1e0c92a275ae012d92b5a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz\n Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_alpha.deb\n Size/MD5 checksum: 11182242 388bf02a94456182cd7a39187886875a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_alpha.deb\n Size/MD5 checksum: 170908 4cbff185bb88b1c7e11791059cd83142\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_alpha.deb\n Size/MD5 checksum: 62736 f42571aa18001fc521be0f5348eb9511\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_amd64.deb\n Size/MD5 checksum: 9412474 fcd7ced169a47d7413197a918047036a\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_amd64.deb\n Size/MD5 checksum: 165706 931ebeee155ac01fcecb1467388a2fab\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_amd64.deb\n Size/MD5 checksum: 61276 cf839454fe9e09a0b58641353f9c75c6\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_arm.deb\n Size/MD5 checksum: 8233670 39a042f6300c805ad372828fd115cab0\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_arm.deb\n Size/MD5 checksum: 157176 873eb90c91c98e1c4168f215b493fd74\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_arm.deb\n Size/MD5 checksum: 56586 c53ca4b95b188684381338eae43603cc\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_hppa.deb\n Size/MD5 checksum: 10287242 8a7eddef738dfe4eb164bd5e486474a2\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_hppa.deb\n Size/MD5 checksum: 168624 fa195e512062a19cf92018de4009160d\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_hppa.deb\n Size/MD5 checksum: 61736 b0dbfbbce97f954c9487a126d20b9a90\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_i386.deb\n Size/MD5 checksum: 8908194 9cfe0ac430050c7d62066cd3f8beb64f\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_i386.deb\n Size/MD5 checksum: 160902 77a78dd1eac37417b4a5629e745e4391\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_i386.deb\n Size/MD5 checksum: 58124 f82b3d3fc66e1054d5da72a69ab9bd20\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_ia64.deb\n Size/MD5 checksum: 11646376 83d5349be8156e1f95eb75da89beb578\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_ia64.deb\n Size/MD5 checksum: 171244 46ae3d6d9112d31f92407922832e6599\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_ia64.deb\n Size/MD5 checksum: 65934 690969e2e7a865faee22ed6fb8a88384\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_m68k.deb\n Size/MD5 checksum: 8186050 ab9f31d6cbd9ff6c1820c59ef1e44ce7\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_m68k.deb\n Size/MD5 checksum: 159792 69c3cf68fc12fd5fb3929339aa8cd9cb\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_m68k.deb\n Size/MD5 checksum: 57394 14636fe25df3a18c536819129e83e1a0\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_mips.deb\n Size/MD5 checksum: 9943474 75b7796d42079421a151bfac35a17f95\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_mips.deb\n Size/MD5 checksum: 158694 a3c6f1c71947cb5e9c2fc8d8acece832\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_mips.deb\n Size/MD5 checksum: 58386 395683ab3ebb0983e24bc3afde8d28f5\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mipsel.deb\n Size/MD5 checksum: 9819470 41ecbd5f3543c0b110771e93e2307abc\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mipsel.deb\n Size/MD5 checksum: 157672 43ca2a353bacf378a2dc7dfa9a7f3a73\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mipsel.deb\n Size/MD5 checksum: 57634 8d16796108c3a7627ab9654e977277a5\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_powerpc.deb\n Size/MD5 checksum: 8580222 c2f239d0961911962bea6b7f7bf1cdc1\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_powerpc.deb\n Size/MD5 checksum: 159320 5a5ea9d8a9f7a845bc1898b0c9976112\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_powerpc.deb\n Size/MD5 checksum: 60508 3ce3df0f45aeef3acb1964960bf76406\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_s390.deb\n Size/MD5 checksum: 9650866 9fd3e3788898152580a0ab344112b5ab\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_s390.deb\n Size/MD5 checksum: 166290 70bcea0f67fc9d0288c75bb2ad8e7b36\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_s390.deb\n Size/MD5 checksum: 60696 7d6b7a3cf65fa798f3e41275f4bb9967\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_sparc.deb\n Size/MD5 checksum: 8672090 c32301aeb3eb3ebbad2ff26f56d3e9ee\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_sparc.deb\n Size/MD5 checksum: 159508 7c3fd5b5a0c78c8abf09082dcb06bbfc\n http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_sparc.deb\n Size/MD5 checksum: 56946 0b154ceb732d771ca492e4d98ea21350\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niD8DBQFFcvzPW5ql+IAeqTIRAv/HAJwNUC+NOPCf2Nq1161rGipNubPqDQCfWnmg\nFvfjUK0FBtQjuT9x9Fg3gu8=\n=1YQv\n-----END PGP SIGNATURE-----\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5462"
},
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "52429"
},
{
"db": "PACKETSTORM",
"id": "52759"
},
{
"db": "PACKETSTORM",
"id": "52758"
}
],
"trust": 5.94
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "22722",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#335392",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-5462",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "23009",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23013",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22727",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23883",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22763",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22929",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22815",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22770",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22980",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-312A",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 1.6
},
{
"db": "BID",
"id": "22083",
"trust": 1.6
},
{
"db": "BID",
"id": "19849",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "23197",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22817",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23235",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22066",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24711",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23287",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23297",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22737",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22965",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23263",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23202",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017181",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017182",
"trust": 1.0
},
{
"db": "SECTRACK",
"id": "1017180",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0293",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3748",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4387",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1198",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0083",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22679",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 0.8
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#191336",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-312A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#594904",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "51595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51980",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52429",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52758",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "52429"
},
{
"db": "PACKETSTORM",
"id": "52759"
},
{
"db": "PACKETSTORM",
"id": "52758"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"id": "VAR-200110-0176",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24822762333333337
},
"last_update_date": "2024-11-27T21:10:48.089000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742"
},
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00774579"
},
{
"title": "HPSBUX02153",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02153.html"
},
{
"title": "HPSBUX02156",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02156.html"
},
{
"title": "firefox",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=476"
},
{
"title": "seamonkey (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=984"
},
{
"title": "mfsa2006-66",
"trust": 0.8,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"title": "mfsa2006-66",
"trust": 0.8,
"url": "http://www.mozilla-japan.org/security/announce/2006/mfsa2006-66.html"
},
{
"title": "RHSA-2006:0733",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0733.html"
},
{
"title": "RHSA-2006:0734",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0734.html"
},
{
"title": "RHSA-2006:0735",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0735.html"
},
{
"title": "102781",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"title": "TLSA-2006-43",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-43.txt"
},
{
"title": "RHSA-2006:0733",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0733J.html"
},
{
"title": "RHSA-2006:0734",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0734J.html"
},
{
"title": "RHSA-2006:0735",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0735J.html"
},
{
"title": "TLSA-2006-43",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-43j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
},
{
"trust": 2.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-312a.html"
},
{
"trust": 1.8,
"url": "http://www.kb.cert.org/vuls/id/335392"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/22722/"
},
{
"trust": 1.6,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
},
{
"trust": 1.1,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.1,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061101-01-p"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30098"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23013"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-381-1"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22066"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22727"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23235"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22770"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22929"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23263"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1225"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22815"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23297"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200612-06.xml"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200612-07.xml"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_68_mozilla.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10478"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017182"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22763"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22737"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23287"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23009"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23202"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:206"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23197"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017180"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1198"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22980"
},
{
"trust": 1.0,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00771742"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1227"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23883"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22722"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24711"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1224"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:205"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22965"
},
{
"trust": 1.0,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=356215"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-382-1"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1017181"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0293"
},
{
"trust": 1.0,
"url": "http://security.gentoo.org/glsa/glsa-200612-08.xml"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22817"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4387"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/22679/"
},
{
"trust": 0.9,
"url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html"
},
{
"trust": 0.8,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=356215 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22929/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22980/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23013/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22763/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23009/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22815/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22727/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22770/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23883/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/19849"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://standards.ieee.org/announcements/pr_frames.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-5462"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/4387"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-312a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-312a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-5462"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-312a.html"
},
{
"trust": 0.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5464"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5748"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5462"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5463"
},
{
"trust": 0.3,
"url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
},
{
"trust": 0.3,
"url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2137.html"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-451.php"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
},
{
"trust": 0.3,
"url": "http://www.openssl.org/news/secadv_20060905.txt"
},
{
"trust": 0.3,
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
},
{
"trust": 0.3,
"url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
},
{
"trust": 0.3,
"url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
},
{
"trust": 0.3,
"url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
},
{
"trust": 0.3,
"url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"trust": 0.3,
"url": "/archive/1/446038"
},
{
"trust": 0.3,
"url": "http://docs.info.apple.com/article.html?artnum=307177"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.sybase.com/detail?id=1047991"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/594904"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5747"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4310"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/96/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-67.html"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5464"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5462"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-65.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5463"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5747"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5748"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.8-0ubuntu0.6.06_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.8-0ubuntu0.5.10_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.8-0ubuntu0.6.06_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge13_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge12_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge13_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge13_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_m68k.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge8_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge8_hppa.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "52429"
},
{
"db": "PACKETSTORM",
"id": "52759"
},
{
"db": "PACKETSTORM",
"id": "52758"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#335392"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#191336"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "19849"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"db": "PACKETSTORM",
"id": "51595"
},
{
"db": "PACKETSTORM",
"id": "51980"
},
{
"db": "PACKETSTORM",
"id": "52429"
},
{
"db": "PACKETSTORM",
"id": "52759"
},
{
"db": "PACKETSTORM",
"id": "52758"
},
{
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#335392"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-05T00:00:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"date": "2006-11-03T00:05:01",
"db": "PACKETSTORM",
"id": "51595"
},
{
"date": "2006-11-13T16:04:12",
"db": "PACKETSTORM",
"id": "51980"
},
{
"date": "2006-11-22T02:48:54",
"db": "PACKETSTORM",
"id": "52429"
},
{
"date": "2006-12-06T05:20:15",
"db": "PACKETSTORM",
"id": "52759"
},
{
"date": "2006-12-06T05:18:55",
"db": "PACKETSTORM",
"id": "52758"
},
{
"date": "2006-11-08T21:07:00",
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-23T00:00:00",
"db": "CERT/CC",
"id": "VU#335392"
},
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#191336"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2015-03-19T08:19:00",
"db": "BID",
"id": "19849"
},
{
"date": "2007-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000761"
},
{
"date": "2024-11-21T00:19:20.283000",
"db": "NVD",
"id": "CVE-2006-5462"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Mozilla Network Security Services library fails to properly verify RSA signatures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#335392"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "19849"
}
],
"trust": 0.3
}
}
var-200706-0666
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform "charset detection" when the content-type is not specified. When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if the server-status reporting feature is disabled.An attacker could execute malicious scripts. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304).
Updated packages have been patched to prevent the above issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
Updated Packages:
Mandriva Linux 2007.0: 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.1: 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm
Corporate 4.0: 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS Re00IyLecNs4MIGgsrv2qJE= =5EEm -----END PGP SIGNATURE-----
.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.6 *>= 2.0.59-r5 >= 2.2.6
Description
Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error has been discovered in the recall_headers() function in mod_mem_cache (CVE-2007-1862). The mod_cache module does not properly sanitize requests before processing them (CVE-2007-1863). The Prefork module does not properly check PID values before sending signals (CVE-2007-3304). The mod_proxy module does not correctly check headers before processing them (CVE-2007-3847).
Impact
A remote attacker could exploit one of these vulnerabilities to inject arbitrary script or HTML content, obtain sensitive information or cause a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.0.59-r5"
References
[ 1 ] CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 [ 2 ] CVE-2007-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 [ 3 ] CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 [ 4 ] CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 [ 5 ] CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 [ 6 ] CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200711-06.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: Hitachi Web Server Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA27421
VERIFY ADVISORY: http://secunia.com/advisories/27421/
CRITICAL: Less critical
IMPACT: Security Bypass, Cross Site Scripting
WHERE:
From remote
SOFTWARE: uCosminexus Application Server http://secunia.com/product/13819/ Hitachi Web Server 3.x http://secunia.com/product/13335/ Hitachi Web Server 2.x http://secunia.com/product/13334/ Hitachi Web Server 1.x http://secunia.com/product/13333/
DESCRIPTION: Some vulnerabilities have been reported in the Hitachi Web Server, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting attacks.
1) An error exists within the handling of SSL requests. This can be exploited to trick a vulnerable server into accepting a forged signature.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.2 apache2-mpm-prefork 2.0.55-4ubuntu2.2 apache2-mpm-worker 2.0.55-4ubuntu2.2
Ubuntu 6.10: apache2-common 2.0.55-4ubuntu4.1 apache2-mpm-prefork 2.0.55-4ubuntu4.1 apache2-mpm-worker 2.0.55-4ubuntu4.1
Ubuntu 7.04: apache2-mpm-prefork 2.2.3-3.2ubuntu0.1 apache2-mpm-worker 2.2.3-3.2ubuntu0.1 apache2.2-common 2.2.3-3.2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. (CVE-2006-5752)
Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)
A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz
Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc
Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb
Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171082 4318f93373b705563251f377ed398614
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb
Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb
Size/MD5: 131850 951a4573901bc2f10d5febf940d57516
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 171864 200ab662b2c13786658486df37fda881
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb
Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb
Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz
Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc
Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb
Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 171304 c4395af051e876228541ef5b8037d979
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb
Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 172078 01ccd554177364747b08e2933f121d2c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 93240 4573597317416869646eb2ea42cd0945
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb
Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb
Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 211578 9407383d85db831dab728b39cce9acc8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb
Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz
Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc
Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 2199184 c03756f87cb164213428532f70e0c198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb
Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 341312 906819b0de863209575aa65d39a594a5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb
Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb
Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 446960 af1b667708e062f81bca4e995355394d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 404146 fd35e65fadd836feb0190b209947b466
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb
Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 430574 7b690896da23a151ee5e106d596c1143
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 343370 1572a001a612add57d23350210ac1736
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb
Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0666",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cosminexus server - web edition",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 1.6,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 1.6,
"vendor": "hitachi",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.06"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "6.10"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "7.04"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.5"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.0.59 and earlier"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "1.3.37 and earlier"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.1.0.13"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "http server",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.4 and earlier"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "version"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.23"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.8,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0.5"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)5.0"
},
{
"model": "hat network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4)4.2"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.42"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.28"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.26"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.12"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.3"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.2"
},
{
"model": "http server unix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.6.2"
},
{
"model": "http server win32",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.3.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "1.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0.2.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.58"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "interstage apworks standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage apworks enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "interactive response",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "software foundation apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "software foundation apache 2.3.38-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "software foundation apache 2.0.60-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stefan Esser is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "24645"
}
],
"trust": 0.3
},
"cve": "CVE-2006-5752",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2006-5752",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2007-000773",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-5752",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2006-5752",
"trust": 0.8,
"value": "Medium"
},
{
"author": "IPA",
"id": "JVNDB-2007-000773",
"trust": 0.8,
"value": "Medium"
},
{
"author": "VULMON",
"id": "CVE-2006-5752",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browsers that perform \"charset detection\" when the content-type is not specified. When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if the server-status reporting feature is disabled.An attacker could execute malicious scripts. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This could lead to a denial of service\n if using a threaded MPM (CVE-2007-1863). A local attacker with the\n ability to run scripts on the server could manipulate the scoreboard\n and cause arbitrary processes to be terminated (CVE-2007-3304). \n \n Updated packages have been patched to prevent the above issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 5f906bba3e1195f5ffbc3fcb2a6bde38 2007.0/i586/apache-base-2.2.3-1.1mdv2007.0.i586.rpm\n 83a4844cd98ef203958796ce280a71b2 2007.0/i586/apache-devel-2.2.3-1.1mdv2007.0.i586.rpm\n 2a6853cad61ca0548715486c5d4c8a23 2007.0/i586/apache-htcacheclean-2.2.3-1.1mdv2007.0.i586.rpm\n bebbc850c030be2ef87ce12d420fb825 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n 9e08e4738b304aab4f90f4f18aa5da45 2007.0/i586/apache-mod_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 989d0538f7882277053f6d4c89ca581c 2007.0/i586/apache-mod_dav-2.2.3-1.1mdv2007.0.i586.rpm\n c1c0fc53dd811dd6176800226574efbf 2007.0/i586/apache-mod_dbd-2.2.3-1.1mdv2007.0.i586.rpm\n e68509c01d66b9d42e676e7974360154 2007.0/i586/apache-mod_deflate-2.2.3-1.1mdv2007.0.i586.rpm\n 5596cb5359b7919125fc10be83598445 2007.0/i586/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.i586.rpm\n d71b54240667224fd7da7fec4693c30b 2007.0/i586/apache-mod_file_cache-2.2.3-1.1mdv2007.0.i586.rpm\n 3571cab041e622f9399c57f377ac3fe3 2007.0/i586/apache-mod_ldap-2.2.3-1.1mdv2007.0.i586.rpm\n 598fdd7aad80fdc557142c5e9fc00677 2007.0/i586/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.i586.rpm\n f4ec774478f5d198ad2e3d3384a5ad83 2007.0/i586/apache-mod_proxy-2.2.3-1.1mdv2007.0.i586.rpm\n ab7726290be59f03a5ade2029a2b02f8 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.i586.rpm\n d72ab4173d51da4a0c1df63dbb52ccf5 2007.0/i586/apache-mod_ssl-2.2.3-1.1mdv2007.0.i586.rpm\n fcde0ec8b64d83402b53f926ec7fa835 2007.0/i586/apache-mod_userdir-2.2.3-1.1mdv2007.0.i586.rpm\n 58a0628d42d23c9aa5df6567789fad40 2007.0/i586/apache-modules-2.2.3-1.1mdv2007.0.i586.rpm\n 011487e1afdfb400419303182e5320c7 2007.0/i586/apache-mpm-prefork-2.2.3-1.1mdv2007.0.i586.rpm\n 7a755b22020153b44f8d00ba153d3d97 2007.0/i586/apache-mpm-worker-2.2.3-1.1mdv2007.0.i586.rpm\n ef6e11f0d26db492bc9fe83a2dbf53d7 2007.0/i586/apache-source-2.2.3-1.1mdv2007.0.i586.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 7c5408879073413fb27f2d40854813d0 2007.0/x86_64/apache-base-2.2.3-1.1mdv2007.0.x86_64.rpm\n c720f2a661616b0bf35bc353d14b9b3b 2007.0/x86_64/apache-devel-2.2.3-1.1mdv2007.0.x86_64.rpm\n 12164d6d70972cb9ed2fb6581e212bf1 2007.0/x86_64/apache-htcacheclean-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5278f8d03ce9d59ec4929d4362b04bbe 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n 40c83185db12d04f4953a374b329ebb3 2007.0/x86_64/apache-mod_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n fe37fb1d4378c4bbcfd8d63bd57c3d4d 2007.0/x86_64/apache-mod_dav-2.2.3-1.1mdv2007.0.x86_64.rpm\n 0830bc5d1718a533e3358a45975596ce 2007.0/x86_64/apache-mod_dbd-2.2.3-1.1mdv2007.0.x86_64.rpm\n e18c3a6a322258e73b87170766aa7882 2007.0/x86_64/apache-mod_deflate-2.2.3-1.1mdv2007.0.x86_64.rpm\n fc8c27067e6b04bd549fe0b95579ebaa 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n b31385db2199fd33eeb624c80e9d882a 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 08123786649152eab65e123c75db8e66 2007.0/x86_64/apache-mod_ldap-2.2.3-1.1mdv2007.0.x86_64.rpm\n 7de4b739d93683648209dcdc69dd5473 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.1mdv2007.0.x86_64.rpm\n 85fde2923d945f3849d77f806b8bc55d 2007.0/x86_64/apache-mod_proxy-2.2.3-1.1mdv2007.0.x86_64.rpm\n b68991944f2989b6d3f89f7272239d76 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1mdv2007.0.x86_64.rpm\n 19871683773211daa721957dc5dd565d 2007.0/x86_64/apache-mod_ssl-2.2.3-1.1mdv2007.0.x86_64.rpm\n 5cf2a97219d6789e4572da1ecddedf16 2007.0/x86_64/apache-mod_userdir-2.2.3-1.1mdv2007.0.x86_64.rpm\n feede872aaf0ca4bbd86ffe24455e9cd 2007.0/x86_64/apache-modules-2.2.3-1.1mdv2007.0.x86_64.rpm\n a00a35d4eba8f538cea741b2fc4079f4 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.1mdv2007.0.x86_64.rpm\n da86251e4417f068d2cafed30e380779 2007.0/x86_64/apache-mpm-worker-2.2.3-1.1mdv2007.0.x86_64.rpm\n ceb7fd32d3ad933ab6a914085f858911 2007.0/x86_64/apache-source-2.2.3-1.1mdv2007.0.x86_64.rpm \n 411b90e42ed304f329e9989d64a9dfc5 2007.0/SRPMS/apache-2.2.3-1.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 9daef91724ded29a3c76e74c261f7766 2007.1/i586/apache-base-2.2.4-6.2mdv2007.1.i586.rpm\n 9288ee938a0853d6e0072f839c68c1c2 2007.1/i586/apache-devel-2.2.4-6.2mdv2007.1.i586.rpm\n 613a986f9f654f1ce3432ee6f6db2391 2007.1/i586/apache-htcacheclean-2.2.4-6.2mdv2007.1.i586.rpm\n 8e0eb376d851d1ddba8850d4233fc3d3 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n 24de68668efa15e4abaaffd690837256 2007.1/i586/apache-mod_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 288866908d43959c4b31c368346ba65d 2007.1/i586/apache-mod_dav-2.2.4-6.2mdv2007.1.i586.rpm\n d25838ec739d7a0037148f573262f81c 2007.1/i586/apache-mod_dbd-2.2.4-6.2mdv2007.1.i586.rpm\n ebad14bcccb73c8f8a27e98a6982a6f1 2007.1/i586/apache-mod_deflate-2.2.4-6.2mdv2007.1.i586.rpm\n 810d445f2146848b582e798e368b32ab 2007.1/i586/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 307de93279683b5b3e76ee6d971781cc 2007.1/i586/apache-mod_file_cache-2.2.4-6.2mdv2007.1.i586.rpm\n f59890e1bc38cfa598a4100705cf4cc6 2007.1/i586/apache-mod_ldap-2.2.4-6.2mdv2007.1.i586.rpm\n 098a05d1cbaa6bfa2d2707896dd6366c 2007.1/i586/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.i586.rpm\n 6504f5e57440ff07da16de3d928898f6 2007.1/i586/apache-mod_proxy-2.2.4-6.2mdv2007.1.i586.rpm\n adc3a611a780e23178e93a6cedf135d4 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.i586.rpm\n 659508a67fbe28b5dd9f861384ca1cf1 2007.1/i586/apache-mod_ssl-2.2.4-6.2mdv2007.1.i586.rpm\n 604eb70716d7e7b6bc6e8399cc4d9f5c 2007.1/i586/apache-mod_userdir-2.2.4-6.2mdv2007.1.i586.rpm\n 750d7cb431356abc88fe7a031f872b04 2007.1/i586/apache-modules-2.2.4-6.2mdv2007.1.i586.rpm\n 210be718db221db891452f05a001ee4e 2007.1/i586/apache-mpm-event-2.2.4-6.2mdv2007.1.i586.rpm\n 482e3d3af6756108c3e9a26ec2a8ac56 2007.1/i586/apache-mpm-itk-2.2.4-6.2mdv2007.1.i586.rpm\n b76ff4578c127ebd248b21a85a31140a 2007.1/i586/apache-mpm-prefork-2.2.4-6.2mdv2007.1.i586.rpm\n 2484dee8a4d4e7604a69abcd1b443954 2007.1/i586/apache-mpm-worker-2.2.4-6.2mdv2007.1.i586.rpm\n 9823f9b97e1829df97999494c3a3d453 2007.1/i586/apache-source-2.2.4-6.2mdv2007.1.i586.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4d043339268bff11fa07897ee3dc2988 2007.1/x86_64/apache-base-2.2.4-6.2mdv2007.1.x86_64.rpm\n afbae73f408fa95c9e4d25e3aa39583d 2007.1/x86_64/apache-devel-2.2.4-6.2mdv2007.1.x86_64.rpm\n d92c22ff28fcd919b3a8525f753066c3 2007.1/x86_64/apache-htcacheclean-2.2.4-6.2mdv2007.1.x86_64.rpm\n abe81d2effd6f4975accbdc8d25d089e 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 480d5c31af3289f26953a691f92e2a51 2007.1/x86_64/apache-mod_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 3feae93ade4038e67fcbaa691f2a74aa 2007.1/x86_64/apache-mod_dav-2.2.4-6.2mdv2007.1.x86_64.rpm\n b60eead7fe808fbc5eff6cb34f1de80b 2007.1/x86_64/apache-mod_dbd-2.2.4-6.2mdv2007.1.x86_64.rpm\n 023afee3221da629fd8e1d34006b7463 2007.1/x86_64/apache-mod_deflate-2.2.4-6.2mdv2007.1.x86_64.rpm\n 1180446c8cf65c196352006d6da00e17 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0e8c2dfc0e42c23b0afbada9f8868bb6 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n 32aa45f45b8893d6c23c6892b7ad7e62 2007.1/x86_64/apache-mod_ldap-2.2.4-6.2mdv2007.1.x86_64.rpm\n 15c20ffb5fdc8ab2a6fa92157c9f0536 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.2mdv2007.1.x86_64.rpm\n f91fd6552f480eb36d030bb2e91d30b4 2007.1/x86_64/apache-mod_proxy-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2c9d1e35af7adebaeb6284bf5da4dd5f 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.2mdv2007.1.x86_64.rpm\n caa59aaba47c89d20e799a3f02271afd 2007.1/x86_64/apache-mod_ssl-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8ac44f8c409ea29492a3acdc1eb44c7f 2007.1/x86_64/apache-mod_userdir-2.2.4-6.2mdv2007.1.x86_64.rpm\n 0f2198ec988390ff3b7843a1e7090517 2007.1/x86_64/apache-modules-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2548664fde736f25acf59f46c847d1ff 2007.1/x86_64/apache-mpm-event-2.2.4-6.2mdv2007.1.x86_64.rpm\n 2434c402bae11969ddf5281f2f042d24 2007.1/x86_64/apache-mpm-itk-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a06ecd19726db033496a042c6a6be2f 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.2mdv2007.1.x86_64.rpm\n e8d339c397409391f3fb36f704c38c6c 2007.1/x86_64/apache-mpm-worker-2.2.4-6.2mdv2007.1.x86_64.rpm\n 8a6f923428242f7aa1b4d489739e241b 2007.1/x86_64/apache-source-2.2.4-6.2mdv2007.1.x86_64.rpm \n ccbd9fad2b29ff86d8601f7201f48d72 2007.1/SRPMS/apache-2.2.4-6.2mdv2007.1.src.rpm\n\n Corporate 4.0:\n 74beb8d1579ce5d5f12c8b15981b6e63 corporate/4.0/i586/apache-base-2.2.3-1.1.20060mlcs4.i586.rpm\n 326a8259b0d99bc2938bfa6cd85743e7 corporate/4.0/i586/apache-devel-2.2.3-1.1.20060mlcs4.i586.rpm\n ca305d0928255a65814af781b345a056 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.1.20060mlcs4.i586.rpm\n 48c2b6a5ee11c3f011b1f6dc60a86479 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n b81a3077cb88a34af43a61ad6f2559ea corporate/4.0/i586/apache-mod_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n ba5aee0b2a86182560e54f0cf4d360bd corporate/4.0/i586/apache-mod_dav-2.2.3-1.1.20060mlcs4.i586.rpm\n b696352106c5a0d1697385523455c767 corporate/4.0/i586/apache-mod_dbd-2.2.3-1.1.20060mlcs4.i586.rpm\n e79f271f000dd7f3a009cca70fd7e4a2 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.1.20060mlcs4.i586.rpm\n c7bdb987f61099b64e751639ca02dd8a corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n b0303fcc2f43bdcf25419dde56df2297 corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n f818ff0f890abe230c92069f9d256e5c corporate/4.0/i586/apache-mod_ldap-2.2.3-1.1.20060mlcs4.i586.rpm\n 4247be23e42c368b3880c7ab5ac13c89 corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.i586.rpm\n e50f1749935c96d3364bdce9af5d22bf corporate/4.0/i586/apache-mod_proxy-2.2.3-1.1.20060mlcs4.i586.rpm\n a619b4e0130d1db7f77a790fee0917a6 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.i586.rpm\n 8170e0e77256f08d07b02119400a19f9 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.1.20060mlcs4.i586.rpm\n 4a5d94d4f94295efe48266a1d529486e corporate/4.0/i586/apache-mod_userdir-2.2.3-1.1.20060mlcs4.i586.rpm\n 7c0c27197d6b44115366eac339c424f2 corporate/4.0/i586/apache-modules-2.2.3-1.1.20060mlcs4.i586.rpm\n 56351aafc723fdea2f2fac22d5046944 corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.i586.rpm\n ccbb2f27b762b5dd564dc7a00aac6db0 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.1.20060mlcs4.i586.rpm\n a65137ff29ed6a1da1f894d19997faec corporate/4.0/i586/apache-source-2.2.3-1.1.20060mlcs4.i586.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 7a9b4f5b3fcf2cac67e4c38022ee2441 corporate/4.0/x86_64/apache-base-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 5604ba341d957fbe6182bd2eb29a8e9d corporate/4.0/x86_64/apache-devel-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 8983bda4bbe3b58f9c6c317531eb52b7 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 9baf252cbc8ef8a093ed25e7a0daf25d corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 26cc58bcbfd25a83c15051c8f590a36d corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 941a32aea1b1b3bca1ae343d5d925892 corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 1d79a7b921ce150de88e22ffbaba4b31 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.1.20060mlcs4.x86_64.rpm\n d80b9ffca3dd024e73d069e55ba7fa3e corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7a7a11645680a7bee9cf88b166b0d32f corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n fcc85c0f9faf1fa08a01f3d4ecb68033 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 55789d16ff565bcd31dfa522435d4d4b corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 7ee708824d65878b71ede35e139ac94d corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.1.20060mlcs4.x86_64.rpm\n e8579835f848cade641da14354196497 corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 6a1e70a638aecf603f3bc2485d14bd78 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 212f40574d0821b909972ebc36fb697a corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 32a8dd886e42c8093be05c9ee4d31855 corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 265bccd86baa7fca942f1c6d4d694523 corporate/4.0/x86_64/apache-modules-2.2.3-1.1.20060mlcs4.x86_64.rpm\n babdb585a6c754f23d91c41fc844a5e2 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 63274f5c5dc3897d0062f621b1c63e0e corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.1.20060mlcs4.x86_64.rpm\n 18782a1fcbcb760d36162ce830ac4cdd corporate/4.0/x86_64/apache-source-2.2.3-1.1.20060mlcs4.x86_64.rpm \n 8cdf592a822485abba00dfb6591615ea corporate/4.0/SRPMS/apache-2.2.3-1.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFGjD3WmqjQ0CJFipgRAtGoAKCXMGCKCMbkso0ugvF0TpsWNwkPjgCfVakS\nRe00IyLecNs4MIGgsrv2qJE=\n=5EEm\n-----END PGP SIGNATURE-----\n\n. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.2.6 *\u003e= 2.0.59-r5\n \u003e= 2.2.6\n\nDescription\n===========\n\nMultiple cross-site scripting vulnerabilities have been discovered in\nmod_status and mod_autoindex (CVE-2006-5752, CVE-2007-4465). An error\nhas been discovered in the recall_headers() function in mod_mem_cache\n(CVE-2007-1862). The mod_cache module does not properly sanitize\nrequests before processing them (CVE-2007-1863). The Prefork module\ndoes not properly check PID values before sending signals\n(CVE-2007-3304). The mod_proxy module does not correctly check headers\nbefore processing them (CVE-2007-3847). \n\nImpact\n======\n\nA remote attacker could exploit one of these vulnerabilities to inject\narbitrary script or HTML content, obtain sensitive information or cause\na Denial of Service. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.0.59-r5\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n [ 2 ] CVE-2007-1862\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862\n [ 3 ] CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n [ 4 ] CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n [ 5 ] CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n [ 6 ] CVE-2007-4465\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200711-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2007 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi Web Server Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA27421\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27421/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass, Cross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nuCosminexus Application Server\nhttp://secunia.com/product/13819/\nHitachi Web Server 3.x\nhttp://secunia.com/product/13335/\nHitachi Web Server 2.x\nhttp://secunia.com/product/13334/\nHitachi Web Server 1.x\nhttp://secunia.com/product/13333/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in the Hitachi Web Server,\nwhich can be exploited by malicious people to bypass certain security\nrestrictions or conduct cross-site scripting attacks. \n\n1) An error exists within the handling of SSL requests. This can be\nexploited to trick a vulnerable server into accepting a forged\nsignature. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-034_e/index-e.html\nhttp://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. =========================================================== \nUbuntu Security Notice USN-499-1 August 16, 2007\napache2 vulnerabilities\nCVE-2006-5752, CVE-2007-1863, CVE-2007-3304\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.2\n apache2-mpm-prefork 2.0.55-4ubuntu2.2\n apache2-mpm-worker 2.0.55-4ubuntu2.2\n\nUbuntu 6.10:\n apache2-common 2.0.55-4ubuntu4.1\n apache2-mpm-prefork 2.0.55-4ubuntu4.1\n apache2-mpm-worker 2.0.55-4ubuntu4.1\n\nUbuntu 7.04:\n apache2-mpm-prefork 2.2.3-3.2ubuntu0.1\n apache2-mpm-worker 2.2.3-3.2ubuntu0.1\n apache2.2-common 2.2.3-3.2ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nStefan Esser discovered that mod_status did not force a character set,\nwhich could result in browsers becoming vulnerable to XSS attacks when\nprocessing the output. If a user were tricked into viewing server\nstatus output during a crafted server request, a remote attacker could\nexploit this to modify the contents, or steal confidential data (such as\npasswords), within the same domain. By default, mod_status is disabled\nin Ubuntu. (CVE-2006-5752)\n\nNiklas Edmundsson discovered that the mod_cache module could be made to\ncrash using a specially crafted request. A remote user could use this\nto cause a denial of service if Apache was configured to use a threaded\nworker. By default, mod_cache is disabled in Ubuntu. (CVE-2007-1863)\n\nA flaw was discovered in the signal handling of Apache. A local\nattacker could trick Apache into sending SIGUSR1 to other processes. \nThe vulnerable code was only present in Ubuntu Feisty. (CVE-2007-3304)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz\n Size/MD5: 115882 e94e45574e3b131d3a9a0e07e193f1e5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc\n Size/MD5: 1148 c2bc143625fbf8ca59fea300845c5a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb\n Size/MD5: 2124364 9b8ca5d5757c63f5ee6bbd507f0a8357\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 833000 be4c7770c725f5f4401ca06d1347211f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227832 41c12dfe84f109e6544a33e4e1d791a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 222934 7e4d072bad27239e366a6eda94c09190\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 227576 8fc59f78a3fa0e5d6dac81e875039bda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171082 4318f93373b705563251f377ed398614\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 171860 257f4183d70be5a00546c39c5a18f108\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 93916 695cee55f91ceb9424abe31d8b6ee1dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 35902 00c1082a77ff1d863f72874c4472a26d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 285336 0a8510634b21f56f0d9619aa6fc9cec9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb\n Size/MD5: 143952 d75f83ac219bce95a15a8f44b82b8ea7\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 786186 4e78fa0d438867194f66b11b4eb6fc2e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202448 74cf60884e18c1fc93f157010a15b12c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 198456 209a0b92995fec453ed4c2c181e3e555\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 202038 6cbd437caf993fa2b2b38369cd3d5863\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171074 0a5a26aa58af7aa2d51d1cf5d7c543d6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 171848 af9ca78febc5bc0c7936296dab958349\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 91884 2857d60b507b28c736f83815c9f3d1b8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 35906 202b5b233af0d26e29ca7302cf7fd04c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 261418 c90342706ac26682d15032a5ba5cb51a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb\n Size/MD5: 131850 951a4573901bc2f10d5febf940d57516\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 859126 afdd8642ca447fc9dc70dfed92be0fa6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219898 6d9c9f924d2356bf9d3438a280870a7d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 215602 dd554132cdea0f860e01cf5d4e0dbc7c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 219378 7a1f4b325dacef287c901fa66680c04e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171096 a0e2547d38ef1b84dc419d69e42ffa0b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 171864 200ab662b2c13786658486df37fda881\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 103628 ae36642fbd4698bb362fa4bf9417b0e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 35910 358027282f2f19451d3aa784dc0474dc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 280950 0d9b56ec076da25e2a03f6d3c6445057\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb\n Size/MD5: 141074 f5d3d5e0e5911e0c0156ae55af50f87b\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 803440 d66da6a91c08956c3c5062668349ef41\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209970 57f0a8f823a4502ee9a2608e3181cc81\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 205582 1dcfb0df796e85c409f614544ea589fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 209330 6bf7ae824eea35d3487febef384fce91\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171080 1088337f4abcb6c8f65751b6120c2307\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 171868 5cda04cd73a9c6d8dfc18abd55c09ebd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 92972 850ab3bb0904e8fe9b6255c42ba7f84c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 35904 7af260b95c4faa17ef34810fed888caf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 267550 08182a8a2cab00fc0e6bca2cccf5165f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb\n Size/MD5: 129760 a60606c6d2f12209b0bdae997be4a13f\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz\n Size/MD5: 116265 2732761b18dfb3c2cd1aa0b54c2cf623\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc\n Size/MD5: 1148 4b9c4612469c521db0c5fdbe2f6b9b25\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb\n Size/MD5: 2124550 8d5c30342b35f9fd595fb09d7659b6fc\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 836342 2c4ba483b0b20fdc2d43819109177941\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 227390 e61cc1998f5b8f2c44dce587e59d288a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 222376 6bdbff7f7f80fd464d1e3ec52d6e7171\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 226848 4356b4caf2b40f364c8893c41b9f9355\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 171304 c4395af051e876228541ef5b8037d979\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 172074 99dadc4ad0f0947f9368d89f4589d95a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 94204 30f3bb8c72575fe93940ecc730b8e4b6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 36152 ea3cbefcbee7e2f6e5555edb44733ad9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 286544 d555931490d44d93bec31c4bfc19ed12\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb\n Size/MD5: 145014 3e06ceb0a55598d82f9f781c44e210b3\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 806938 050bb7665332d3761e1a8e47939fa507\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209556 ee530b24aba8838001ebb6c901bc90cd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 205718 b52a17c63909eae3c49bad0ab1958f4b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 209158 1844fa5e09224a90944f8b886ddb5a2a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 171296 9de8aba41f7e3d60f41536ca712adebb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 172078 01ccd554177364747b08e2933f121d2c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 93240 4573597317416869646eb2ea42cd0945\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 36150 77666d65bade6a91bd58826c79f11dc9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 266390 a3963d8e76f6865404f7fadb47880c87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb\n Size/MD5: 137604 387f6bcdaa58dbbe53082241b3231844\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 865372 27d7f1de1fcb2114d3f3b0a774302488\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221542 1ae8fa5cf4b77f3b2aa054e2886e587e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 217044 9134983c40107f79fcac8d1eacbc7117\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 221324 b435dc09c63ecbcd564a0923a8f07350\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 171296 6d2a0abfb7a1daaeae56559eeb322dcb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 172064 ecc2037409554ea43c5a6848aa510c76\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 104654 d0957d8df044c4a34437241792ed97d1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 36148 34e102e1d2e1c6a6f31801dfb98cb82a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 284548 c8f325ccc42cbe77191d4ddd9abc2a4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb\n Size/MD5: 144238 82cfbfcec5fc4931078145af8947c035\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 811594 d8548e537fd81994bbb638e105dfbf8b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 212160 81cd0197ff89b79c967c1074ede9f8d7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 207870 5d80ed8dc39b0d4d59fccb747624a684\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 211578 9407383d85db831dab728b39cce9acc8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 171294 5e4d695a99bdc1fdfb0bfcef8b91d03d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 172064 06e3e765d799e281dba7329ff9d9e138\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 93796 1048b47b289fb2047fa9ac7ebbe94a57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 36150 0d106a177aa4271b1cfc0e96eec1a748\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 268444 3912123e7c71cc638132305ca89fe23b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb\n Size/MD5: 130626 f4444e0239c2da7d3c31e3486606f95a\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz\n Size/MD5: 112120 f7b1a17718aed7ca73da3a6d7aad06b0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc\n Size/MD5: 1128 e82b1bee591fff50d6673ed1a443e543\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 2199184 c03756f87cb164213428532f70e0c198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 272064 5be351f491f8d1aae9a270d1214e93e3\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 6674104 bdbabf8f478562f0e003737e977ffc7b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb\n Size/MD5: 38668 9f0c7c01e8441285c084002eb4619065\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449624 1b54a8000c40eaaa0f9e31527b9bb180\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 445346 d15625641a3247fbf5d9d9b9aed34968\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 449208 55f39c28a4de98d53f80231aeb7d6c59\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 403570 0042c75be8a2d128d62b79398deaefa8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 404138 929772b95ea67f338ad423a65b2b7011\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 341312 906819b0de863209575aa65d39a594a5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb\n Size/MD5: 971462 f85e32c5f6437ce149553aee97ffd934\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432922 c1b81ac7dc7b7a0b2261fd10d9bcf5c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 428856 f506f2a9dd2dbd5c2d3f72a476cc3537\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 432314 a5a11947ad8cf14604efa7ddcfd20bfe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 403574 da84a3a99276f14a11ac892ce7eee170\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 404138 0fdd43a53e6957aa3a348a7bd9c876f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 340396 88a0ddbc58335416d91c9f10adc9d5f5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb\n Size/MD5: 929716 138d58487b882e6002e3c5e4a9489add\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 451530 ddc437092ef642fcd396713cd1972f4c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 446960 af1b667708e062f81bca4e995355394d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 450940 ed9f31ec5045a88446115987c6e97655\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 403574 65801ab51335a15dc370b9341a0e50dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 404146 fd35e65fadd836feb0190b209947b466\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 360518 b74bc9eead429cd8f0ebecd6a94e5edb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb\n Size/MD5: 1073812 376fe5b1ee383a6d870eea5dd3c6a704\n\n sparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 434408 c70ef2e9aed191fe53886ceb3725596e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 430574 7b690896da23a151ee5e106d596c1143\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 433918 cc01edfcfc673ba9a86c83fcc66e6870\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 403568 a7660cff70394403c764cf8f30c7298a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 404136 b8587d5eba0be59a6576d6cf645b2122\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 343370 1572a001a612add57d23350210ac1736\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb\n Size/MD5: 938586 b74a91fcfbb0503355e94981310bd1ce\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-5752",
"trust": 3.6
},
{
"db": "BID",
"id": "24645",
"trust": 2.2
},
{
"db": "SECUNIA",
"id": "26458",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2007-2727",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-3283",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2007-4305",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-0233",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "27732",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25920",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26993",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28212",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28606",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "28224",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26842",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "27563",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25873",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26508",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26822",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26273",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "26443",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25827",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "25830",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "37052",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1018302",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "27421",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2006-5752",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57505",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60759",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "HITACHI",
"id": "HS07-035",
"trust": 0.1
},
{
"db": "HITACHI",
"id": "HS07-034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60585",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58667",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"id": "VAR-200706-0666",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2024-11-28T20:05:25.831000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "httpd (V4.0)",
"trust": 1.6,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1073"
},
{
"title": "Fixed in Apache httpd 1.3.39-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.39-dev"
},
{
"title": "Fixed in Apache httpd 2.0.61-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.61-dev"
},
{
"title": "Fixed in Apache httpd 2.2.6-dev",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.6-dev"
},
{
"title": "Revision 549159",
"trust": 0.8,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=549159"
},
{
"title": "HS07-035",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS07-035/index.html"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01178795"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02262.html"
},
{
"title": "PK55141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK55141"
},
{
"title": "4017303",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017303"
},
{
"title": "Fix Pack 13 (6.1.0.13)",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007951#61013"
},
{
"title": "PK49295",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK49295"
},
{
"title": "4017141",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017141"
},
{
"title": "httpd (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1078"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "245112",
"trust": 0.8,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0534.html"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0532.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0556.html"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0533.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "103179",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2007/TLSA-2007-41.txt"
},
{
"title": "HS07-035",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS07-035/index.html"
},
{
"title": "RHSA-2007:0532",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0532J.html"
},
{
"title": "RHSA-2007:0556",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0556J.html"
},
{
"title": "RHSA-2007:0533",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0533J.html"
},
{
"title": "RHSA-2007:0534",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0534J.html"
},
{
"title": "TLSA-2007-41",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2007/TLSA-2007-41j.txt"
},
{
"title": "interstage_as_200802",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200802.html"
},
{
"title": "HS07-035",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-499-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2006-5752 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kasem545/vulnsearch "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SecureAxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-79",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.securityfocus.com/bid/24645"
},
{
"trust": 2.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 1.6,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5752"
},
{
"trust": 1.4,
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0534.html"
},
{
"trust": 1.4,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0556.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.4,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.4,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-353.htm"
},
{
"trust": 1.4,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk52702"
},
{
"trust": 1.4,
"url": "https://rhn.redhat.com/errata/rhsa-2007-0533.html"
},
{
"trust": 1.4,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"
},
{
"trust": 1.4,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-200711-06.xml"
},
{
"trust": 1.1,
"url": "http://svn.apache.org/viewvc?view=rev\u0026revision=549159"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0532.html"
},
{
"trust": 1.1,
"url": "https://issues.rpath.com/browse/rpl-1500"
},
{
"trust": 1.1,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.1,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=186219"
},
{
"trust": 1.1,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk49295\u0026apar=only"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-september/msg00320.html"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:140"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:141"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:142"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0557.html"
},
{
"trust": 1.1,
"url": "http://www.novell.com/linux/security/advisories/2007_61_apache2.html"
},
{
"trust": 1.1,
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-499-1"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1018302"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/25827"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/25830"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/25873"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/25920"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26273"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26443"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26458"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26508"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26822"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26842"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/26993"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/27563"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/27732"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28212"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28224"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/28606"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.1,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0233"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/4305"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2727"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/3283"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.1,
"url": "http://osvdb.org/37052"
},
{
"trust": 1.1,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35097"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10154"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/26458/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5809"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2007/3666"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5809"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/27421"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-012.htm"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/changes_2.2.6"
},
{
"trust": 0.3,
"url": "/archive/1/481830"
},
{
"trust": 0.3,
"url": "/archive/1/479708"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk49295"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0532.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2006-5752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/499-1/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://enigmail.mozdev.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1862"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13335/"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-034_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27421/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13333/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13819/"
},
{
"trust": 0.1,
"url": "http://www.hitachi-support.com/security_e/vuls_e/hs07-035_e/index-e.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13334/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu0.1_i386.deb"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"db": "BID",
"id": "24645"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"db": "PACKETSTORM",
"id": "57506"
},
{
"db": "PACKETSTORM",
"id": "57505"
},
{
"db": "PACKETSTORM",
"id": "60759"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "60585"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "58667"
},
{
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-27T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"date": "2007-06-26T00:00:00",
"db": "BID",
"id": "24645"
},
{
"date": "2007-07-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"date": "2007-07-07T04:30:58",
"db": "PACKETSTORM",
"id": "57506"
},
{
"date": "2007-07-07T04:29:41",
"db": "PACKETSTORM",
"id": "57505"
},
{
"date": "2007-11-07T20:27:55",
"db": "PACKETSTORM",
"id": "60759"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2007-11-01T02:12:35",
"db": "PACKETSTORM",
"id": "60585"
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939"
},
{
"date": "2007-08-17T06:30:14",
"db": "PACKETSTORM",
"id": "58667"
},
{
"date": "2007-06-27T17:30:00",
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2006-5752"
},
{
"date": "2010-08-05T21:15:00",
"db": "BID",
"id": "24645"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000478"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-000773"
},
{
"date": "2024-11-21T00:20:24.483000",
"db": "NVD",
"id": "CVE-2006-5752"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "24645"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of mod_status Module cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-000478"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "24645"
}
],
"trust": 0.3
}
}
var-200801-0561
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users' browsers to arbitrary locations, which may aid in phishing attacks. The issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. =========================================================== Ubuntu Security Notice USN-575-1 February 04, 2008 apache2 vulnerabilities CVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: apache2-mpm-perchild 2.0.55-4ubuntu2.3 apache2-mpm-prefork 2.0.55-4ubuntu2.3 apache2-mpm-worker 2.0.55-4ubuntu2.3
Ubuntu 6.10: apache2-mpm-perchild 2.0.55-4ubuntu4.2 apache2-mpm-prefork 2.0.55-4ubuntu4.2 apache2-mpm-worker 2.0.55-4ubuntu4.2
Ubuntu 7.04: apache2-mpm-event 2.2.3-3.2ubuntu2.1 apache2-mpm-perchild 2.2.3-3.2ubuntu2.1 apache2-mpm-prefork 2.2.3-3.2ubuntu2.1 apache2-mpm-worker 2.2.3-3.2ubuntu2.1
Ubuntu 7.10: apache2-mpm-event 2.2.4-3ubuntu0.1 apache2-mpm-perchild 2.2.4-3ubuntu0.1 apache2-mpm-prefork 2.2.4-3ubuntu0.1 apache2-mpm-worker 2.2.4-3ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
It was discovered that Apache did not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. This was only vulnerable in Ubuntu 6.06. A remote attacker could send Apache crafted date headers and cause a denial of service via application crash. By default, mod_proxy is disabled in Ubuntu. (CVE-2007-3847)
It was discovered that mod_autoindex did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. (CVE-2007-4465)
It was discovered that mod_imap/mod_imagemap did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)
It was discovered that mod_status when status pages were available, allowed for cross-site scripting attacks. By default, mod_status is disabled in Ubuntu. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6421)
It was discovered that mod_proxy_balancer could be made to dereference a NULL pointer. A remote attacker could send a crafted request and cause a denial of service via application crash. By default, mod_proxy_balancer is disabled in Ubuntu. This was only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)
It was discovered that mod_proxy_ftp did not force a character set, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. By default, mod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz
Size/MD5: 121305 10359a467847b63f8d6603081450fece
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc
Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb
Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 171402 3b7567107864cf36953e7911a4851738
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 172186 85a591ea061cbc727fc261b046781502
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 94240 b80027348754c493312269f7410b38fe
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 285664 76f4879738a0a788414316581ac2010b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb
Size/MD5: 144250 3cd8327429958569a306257da57e8be0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 786052 7bdddb451607eeb2abb9706641675397
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb
Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 215932 bee4a6e00371117203647fd3a311658a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 219800 aaf4968deba24912e4981f35a367a086
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb
Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 93282 1ae6def788c74750d79055784c0d8006
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 267832 96c149638daeb993250b18c9f4285abf
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb
Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz
Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc
Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb
Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb
Size/MD5: 145340 109c93408c5197be50960cce80c23b7c
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 209552 8a23207211e54b138d5a87c15c097908
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 171636 07616e459905bad152a8669c8f670436
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb
Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 222022 e37ef7d710800e568d838242d3129725
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb
Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 208354 0a571678c269d1da06787dac56567f1c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 212052 90754ccdcd95e652413426376078d223
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb
Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz
Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc
Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb
Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb
Size/MD5: 971426 30db1106dfea5106da54d2287c02a380
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb
Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 403974 65a11cfaee921517445cf74ed04df701
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb
Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 434308 2073137bb138dc52bbace666714f4e14
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 343774 880faca3543426734431c29de77c3048
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb
Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz
Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc
Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz
Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 278032 4f8270cff0a532bd059741b366047da9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb
Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb
Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 435354 f3557e1a87154424e9144cf672110e93
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb
Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb
Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb
Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8
. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary
Updated VMware Hosted products address security issues in libpng and the Apace HTTP Server.
- Relevant releases
VMware Workstation 6.5.2 and earlier, VMware Player 2.5.2 and earlier, VMware ACE 2.5.2 and earlier
- Problem Description
a. Third Party Library libpng Updated to 1.2.35
Several flaws were discovered in the way third party library libpng
handled uninitialized pointers. An attacker could create a PNG image
file in such a way, that when loaded by an application linked to
libpng, it could cause the application to crash or execute arbitrary
code at the privilege level of the user that runs the application.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-0040 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any 6.5.3 build 185404 or later
Player 2.5.x any 2.5.3 build 185404 or later
ACE 2.5.x any 2.5.3 build 185404 or later
Server 2.x any patch pending
Server 1.x any patch pending
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected *
* The libpng update for the Service Console of ESX 2.5.5 is
documented in VMSA-2009-0007.
b. Apache HTTP Server updated to 2.0.63
The new version of ACE updates the Apache HTTP Server on Windows
hosts to version 2.0.63 which addresses multiple security issues
that existed in the previous versions of this server.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,
CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the
issues that have been addressed by this update.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 6.5.x any not affected
Player 2.5.x any not affected
ACE 2.5.x Windows 2.5.3 build 185404 or later
ACE 2.5.x Linux update Apache on host system *
Server 2.x any not affected
Server 1.x any not affected
Fusion 2.x Mac OS/X not affected
Fusion 1.x Mac OS/X not affected
ESXi 4.0 ESXi not affected
ESXi 3.5 ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
* The Apache HTTP Server is not part of an ACE install on a Linux
host. Update the Apache HTTP Server on the host system to version
2.0.63 in order to remediate the vulnerabilities listed above.
- Solution
Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 6.5.3
http://www.vmware.com/download/ws/ Release notes: http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html
For Windows
Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 7565d16b7d7e0173b90c3b76ca4656bc sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1
For Linux
Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 4d55c491bd008ded0ea19f373d1d1fd4 sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e
Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: d4a721c1918c0e8a87c6fa4bad49ad35 sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5
Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 72adfdb03de4959f044fcb983412ae7c sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb
Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: 83e1f0c94d6974286256c4d3b559e854 sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542
VMware Player 2.5.3
http://www.vmware.com/download/player/ Release notes: http://www.vmware.com/support/player25/doc/releasenotes_player253.html
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe md5sum: fe28f193374c9457752ee16cd6cad4e7 sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm md5sum: c99cd65f19fdfc7651bcb7f328b73bc2 sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle md5sum: 210f4cb5615bd3b2171bc054b9b2bac5 sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b
Player for Linux - 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm md5sum: f91576ef90b322d83225117ae9335968 sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974
Player for Linux - 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle md5sum: 595d44d7945c129b1aeb679d2f001b05 sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4
VMware ACE 2.5.3
http://www.vmware.com/download/ace/ Release notes: http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html
ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 44cc7b86353047f02cf6ea0653e38418 sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1
VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for Windows Windows .exe md5sum: 0779da73408c5e649e0fd1c62d23820f sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef
ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: a4fc92d7197f0d569361cdf4b8cca642 sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75
ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 841005151338c8b954f08d035815fd58 sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
- Change log
2009-08-20 VMSA-2009-0010 Initial security advisory after release of Workstation 6.5.3, Player 2.5.3, and ACE 2.5.3 on 2009-08-20.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2009 VMware Inc. All rights reserved.
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
Updated Packages:
Mandriva Linux 2007.0: 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.1: cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm
Mandriva Linux 2008.0: cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm
Corporate 4.0: 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01607570 Version: 1
HPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-19 Last Updated: 2008-11-19
Potential Security Impact: Remote cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS).
References: CVE-2007-6388, CVE-2007-5000
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made patches available to resolve the vulnerabilities.
The patches are available from http://itrc.hp.com
OV NNM v7.53
Operating_System - HP-UX (IA) Resolved in Patch - PHSS_38148 or subsequent
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38147 or subsequent
Operating_System - Linux RedHatAS2.1 Resolved in Patch - LXOV_00085 or subsequent
Operating_System - Linux RedHat4AS-x86_64 Resolved in Patch - LXOV_00086 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03514 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and install the patches listed above.
OV NNM v7.01
Operating_System - HP-UX (PA) Resolved in Patch - PHSS_38761 or subsequent
Operating_System - Solaris Resolved in Patch - PSOV_03516 or subsequent
MANUAL ACTIONS: Yes - NonUpdate Apply the appropriate file as described in the Resolution.
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS (for HP-UX)
For HP-UX OV NNM 7.53 HP-UX B.11.31 HP-UX B.11.23 (IA) ============= OVNNMgr.OVNNM-RUN action: install PHSS_38148 or subsequent URL: http://itrc.hp.com
HP-UX B.11.23 (PA) HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38147 or subsequent URL: http://itrc.hp.com
For HP-UX OV NNM 7.51 HP-UX B.11.31 HP-UX B.11.23 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches
For HP-UX OV NNM 7.01 HP-UX B.11.00 HP-UX B.11.11 ============= OVNNMgr.OVNNM-RUN action: install PHSS_38761 or subsequent URL: http://itrc.hp.com
END AFFECTED VERSIONS (for HP-UX)
HISTORY Version:1 (rev.1) - 19 November 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs A2UIaH3YB7z+o42Tm7Eg7ahn =lskD -----END PGP SIGNATURE----- . The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. The November 2005 Netcraft Web Server Survey found that more than 70% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state."
- --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---
During the fact that Apache mod_status do not filter char ";" we can inject new URL. This fact give attacker open redirector and can lead to phishing attack. Also attacker can create more advanced method to trigger XSS on victim's browser. Exploit ---
SecurityReason is not going to release a exploit to the general public. Exploit was provided and tested for Apache Team . References ---
A Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein
- --- 5. Greets ---
For: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp
- --- 6. HP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.2 or earlier
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200801-0561",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "lte",
"trust": 1.8,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "oracle",
"version": "10.1.3.5.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "1.3.28.1"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "1.3.2"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "http server",
"scope": "lt",
"trust": 0.8,
"vendor": "ibm",
"version": "6.0.2.27"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.4.11"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.2"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3.0 (x86-64)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux personal",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "11 (x64)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux as (v.4)"
},
{
"model": "application stack",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "v1 for enterprise linux es (v.4)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "cosminexus application server enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus application server standard",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 6"
},
{
"model": "cosminexus application server version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer light version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer professional version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer standard version 6",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus developer version 5",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - enterprise edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - standard edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - standard edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - web edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "cosminexus server - web edition version 4",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "systemwalker resource coordinator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.60"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.0.61"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "interstage job workload server",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "2.2.5-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.35"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11x64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "2.2.7-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.56"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.5"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.34"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.28"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.39"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.7"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.2"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "networks self-service peri application",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "networks self-service wvads",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "interstage studio enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "-dev",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.35"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.22"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.9"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "2.2.6-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "1.3.40-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0.1"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.43"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "interstage apworks modelers-j edition 6.0a",
"scope": null,
"trust": 0.3,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.51"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.55"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.20"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.26"
},
{
"model": "interstage business application server enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.37"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.1"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.53"
},
{
"model": "interstage application server standard edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.14"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.10"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1"
},
{
"model": "hardware management console for pseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.33"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.11"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "networks self-service speech server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "fuji",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "websphere application server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.17"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.36"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "hardware management console for iseries r1.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.0"
},
{
"model": "interstage apworks modelers-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "application stack for enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "openview network node manager",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.01"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.12"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.38"
},
{
"model": "interstage application server plus",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.0.47"
},
{
"model": "interstage application server web-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "5.0"
},
{
"model": "2.0.61-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "2.0.62-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "networks self-service peri workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "interstage application server plus developer",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "6.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.2"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.44"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.24"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.63"
},
{
"model": "enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.40"
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "application stack for enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "v14"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.23"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.0"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "business availability center",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "8.01"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.39"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.19"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.18"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.27"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "interstage application server enterprise edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "network proxy (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3)4.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "networks self-service web centric ccxml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "networks self service voicexml",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.58"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.54"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.10"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.42"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.37"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "7.0.1"
},
{
"model": "interstage application server standard-j edition a",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "9.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "interstage application server enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.36"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.1x86-64"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.32"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.41"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.6"
},
{
"model": "2.0.60-dev",
"scope": null,
"trust": 0.3,
"vendor": "apache",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0.0x64"
},
{
"model": "networks self-service media processing server",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "interstage application server standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "interstage studio standard-j edition",
"scope": "eq",
"trust": 0.3,
"vendor": "fujitsu",
"version": "8.0.1"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.41"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.31"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.59"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "7.04"
}
],
"sources": [
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ibm:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:oracle:http_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_application_stack",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer_version_5",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:hitachi_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_light",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer_standard",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_architect",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service_platform",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:systemwalker_resource_coordinator",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "sp3x is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "27237"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
}
],
"trust": 0.9
},
"cve": "CVE-2007-6388",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-6388",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-6388",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-6388",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200801-095",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2007-6388",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Reportedly, attackers can also use this issue to redirect users\u0027 browsers to arbitrary locations, which may aid in phishing attacks. \nThe issue affects versions prior to Apache 2.2.7-dev, 2.0.62-dev, and 1.3.40-dev. =========================================================== \nUbuntu Security Notice USN-575-1 February 04, 2008\napache2 vulnerabilities\nCVE-2006-3918, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000,\nCVE-2007-6388, CVE-2007-6421, CVE-2007-6422, CVE-2008-0005\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n apache2-mpm-perchild 2.0.55-4ubuntu2.3\n apache2-mpm-prefork 2.0.55-4ubuntu2.3\n apache2-mpm-worker 2.0.55-4ubuntu2.3\n\nUbuntu 6.10:\n apache2-mpm-perchild 2.0.55-4ubuntu4.2\n apache2-mpm-prefork 2.0.55-4ubuntu4.2\n apache2-mpm-worker 2.0.55-4ubuntu4.2\n\nUbuntu 7.04:\n apache2-mpm-event 2.2.3-3.2ubuntu2.1\n apache2-mpm-perchild 2.2.3-3.2ubuntu2.1\n apache2-mpm-prefork 2.2.3-3.2ubuntu2.1\n apache2-mpm-worker 2.2.3-3.2ubuntu2.1\n\nUbuntu 7.10:\n apache2-mpm-event 2.2.4-3ubuntu0.1\n apache2-mpm-perchild 2.2.4-3ubuntu0.1\n apache2-mpm-prefork 2.2.4-3ubuntu0.1\n apache2-mpm-worker 2.2.4-3ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that Apache did not sanitize the Expect header from\nan HTTP request when it is reflected back in an error message, which\ncould result in browsers becoming vulnerable to cross-site scripting\nattacks when processing the output. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing server output\nduring a crafted server request, a remote attacker could exploit this\nto modify the contents, or steal confidential data (such as passwords),\nwithin the same domain. This was only vulnerable in Ubuntu 6.06. A remote\nattacker could send Apache crafted date headers and cause a denial of\nservice via application crash. By default, mod_proxy is disabled in\nUbuntu. (CVE-2007-3847)\n\nIt was discovered that mod_autoindex did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. (CVE-2007-4465)\n\nIt was discovered that mod_imap/mod_imagemap did not force a\ncharacter set, which could result in browsers becoming vulnerable\nto cross-site scripting attacks when processing the output. By\ndefault, mod_imap/mod_imagemap is disabled in Ubuntu. (CVE-2007-5000)\n\nIt was discovered that mod_status when status pages were available,\nallowed for cross-site scripting attacks. By default, mod_status is\ndisabled in Ubuntu. By default,\nmod_proxy_balancer is disabled in Ubuntu. This was only vulnerable\nin Ubuntu 7.04 and 7.10. (CVE-2007-6421)\n\nIt was discovered that mod_proxy_balancer could be made to\ndereference a NULL pointer. A remote attacker could send a crafted\nrequest and cause a denial of service via application crash. By\ndefault, mod_proxy_balancer is disabled in Ubuntu. This was only\nvulnerable in Ubuntu 7.04 and 7.10. (CVE-2007-6422)\n\nIt was discovered that mod_proxy_ftp did not force a character set,\nwhich could result in browsers becoming vulnerable to cross-site\nscripting attacks when processing the output. By default,\nmod_proxy_ftp is disabled in Ubuntu. (CVE-2008-0005)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz\n Size/MD5: 121305 10359a467847b63f8d6603081450fece\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc\n Size/MD5: 1148 923d0e3dcb5afba32a130aed96ac7214\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb\n Size/MD5: 2124588 2befe634f0a889cc2241772f2a7d7164\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 832842 032c077cfeb6ffbc3989c54c27cb729a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 228206 771457a0b555eef325be270e1c22c0c2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 223236 77988570570b779ebf92fcc3dc7dc198\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 227904 945d30797a27c7ac28a96d9c1793b80d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 171402 3b7567107864cf36953e7911a4851738\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 172186 85a591ea061cbc727fc261b046781502\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 94240 b80027348754c493312269f7410b38fe\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 36228 2821ca9410c9cd287e756f05b0f6930c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 285664 76f4879738a0a788414316581ac2010b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb\n Size/MD5: 144250 3cd8327429958569a306257da57e8be0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 786052 7bdddb451607eeb2abb9706641675397\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202862 a88456a5949fe1da4ad3f6c969d3a886\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 198746 aa72459cae4f5765ccd1b58d275961bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 202338 13bbe75f89aeedb6dec9be929528df48\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 171408 34209e19f6ef01cb08aa75c1b3045495\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 172176 4521336ea6f4d87391ee96d70b79f887\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 92182 d8a3310073c017cdc7d3ffd1046a50cf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 36220 0ae71bd4efdd0fb325864f46ba4f16e7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 261736 476e8d909e279fac698baf9cf0d62300\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb\n Size/MD5: 132160 3efb3c11dd844fbc429eff5818dcdae2\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 859014 a8c42d748bfd616f6a6f1bbbf2224205\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 220254 84f7c2678fbab6b303361d32f1a741a8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 215932 bee4a6e00371117203647fd3a311658a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 219800 aaf4968deba24912e4981f35a367a086\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 171410 a15c13c0a2ec49e805f9ae83e5db4ae7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 172198 4e411b4b16daab9a0ddc9ea3651f448d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 103940 dca02b7f5bc6848fa1dc8aa530f04910\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 36222 619ee3ea1064d11a02de092690bfb1e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 281280 9325dbc26f57d76254ceca78bee4cff2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb\n Size/MD5: 141398 668d7fb9dd196e82601ca6d43a326813\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 803242 120feec10c0dcc370894e2a3bdcd399b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 210668 062841f2fd30c07ff1f5b101a7c1e196\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 206266 35b3b9d4b34844b01576ca7963b5edda\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 209954 4f99e4d02fc93222cb541edb09358b79\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 171404 bd728a86c1a8984d60caeee35da0c451\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 172184 1794886b8aca59cf28cbe28d853f42ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 93282 1ae6def788c74750d79055784c0d8006\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 36230 5f1d8e4d19324674a1f5748601431758\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 267832 96c149638daeb993250b18c9f4285abf\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb\n Size/MD5: 130082 7a62f71e679a233ca118cb9813ffd3e3\n\nUpdated packages for Ubuntu 6.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz\n Size/MD5: 121671 775c3b2d53630ddfb4386cbfdb954861\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc\n Size/MD5: 1148 a5dd357e0bef2dc308656c6c0af5ca1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb\n Size/MD5: 2124902 baf4147b4e4d939a08f20c8ac987abf7\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 836086 e04fced4fc1efd4a192a4016f679bc38\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227790 27c558402837f9d4c85315dcdde2f4e1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 222698 a33ef1566dcd4793b0aa633435e8ee44\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 227296 4b3c5e771574d858dd655a9e0a7a5d8c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 171640 bd8fbcd40f5431e6688156ba4b17e960\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 172412 0520836bca78eb64bc97d4a8cc481487\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 94518 8b35759996e50046eca8154ebc63fc1f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 36530 1b08b4418ff0f7ba90940433116cf6d8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 286876 1426b92819b56ff892483acedfdea4c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb\n Size/MD5: 145340 109c93408c5197be50960cce80c23b7c\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 806640 81e91910683454a4b2444e0ce8e929bc\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209996 27440ecbe836673f63ae1773e238eb65\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 206098 e77a4b69c1c456f4ca6c03d9105d8552\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 209552 8a23207211e54b138d5a87c15c097908\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 171636 07616e459905bad152a8669c8f670436\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 172408 69300678b2f8b908f90a91de325c7ee2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 93558 d47cdad1593a7332507c7d0388effbf4\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 36532 47800e58ec26a1389005b8120ad3ca3e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 266728 65cd78808f959d9e73a4d5e348bf3e20\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb\n Size/MD5: 137934 1493ea26165b34a841da777ed801ca7a\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 865216 a635390e5772dd30dac70f7aba5e620d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 222022 e37ef7d710800e568d838242d3129725\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 217630 53127602a5df28a5d66fdd11e396c346\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 221782 d3e43cef5b90a7e3aa405a5d167ddfb6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 171632 d9f1c242ffeab1b90850a6ffc78f0148\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 172404 51b40f3e6a486ce372844ad24b83ecf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 104970 0f281f65023f52f0bea2dc54136b6c57\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 36530 c8c4a7e645fe938da23737602589d08c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 284866 ba3e1b09a14d8e5485561118f6eeefb7\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb\n Size/MD5: 144554 66d17552fd2385cfdf44c5d55ea583c9\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 811380 c2578ed2a96363e7c5fb268933487ccb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212602 aab797ade503fec11a36dbf640e1ef08\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 208354 0a571678c269d1da06787dac56567f1c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 212052 90754ccdcd95e652413426376078d223\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 171634 00fbac613f13f1d1e20470ce42703018\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 172414 65e31d4a009a9663212f8cfcfa492c53\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 94100 95bd6b71a6bc1fceeccbc51d2b913bd2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 36532 b4a7ccf0ba37c70b78a950bacbc4a650\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 268776 5b157a4dd55f533a610bc6c111e9d414\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb\n Size/MD5: 131000 dda2d34f2e90e0468b02e261ae2c6afe\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz\n Size/MD5: 115896 cbb8201fa61844fe02dcc7c2e1e35cf5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc\n Size/MD5: 1128 77143d282e5fc16d3f1dc327b7a4fd87\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz\n Size/MD5: 6342475 f72ffb176e2dc7b322be16508c09f63c\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 2199570 be1a62334680ed00d5f5a4c74113d524\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 272460 eb0d9dce34ef9dd4b940fb98c38e529c\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 6672646 b3d11c9f4451f75e4ff17e663999a579\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb\n Size/MD5: 39090 d2db3ef69d13b4ed76493e189174c304\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 450016 f2726571f028c6f228a73faa1b620f63\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 445732 2f791f5e207e2ed047c4ed36572cea6d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 449602 a67b291ea2270e9c46f8eaecef65f7c6\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 403950 bc7a8419daa6c451decbb5640241df32\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 404518 099bb7f53ae885bd7e8157c781c5b50b\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 341726 0aed173b3eb2db83ddd6ddb49bab7c4e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb\n Size/MD5: 971426 30db1106dfea5106da54d2287c02a380\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 433320 03d3aa003bf777f1f1ae9d8f814caac1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 429248 e49f5accb8764204a2a759ea8b2dea55\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 432706 a3c32680004d3e0b460513d426006bb0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 403964 63c77d5009e715094d21c273b57c04d0\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 404530 f4b9eb26fa058eaec8f75ae956cbc852\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 340810 e5d63edb8c0f2baccf9a2b072d1c3d74\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb\n Size/MD5: 929546 828b8224e2540d7bc4e462d5b2b1f8af\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451914 b1057076382cb22727fa0bcd202c57dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 447340 44e26684bd3a09f2ed6969d2c540f5ae\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 451324 2c029a48b2242e1fdf137a6cec3af09d\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 403974 65a11cfaee921517445cf74ed04df701\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 404538 d27226fdeac7d193651a2cb2bd4b61e8\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 360936 058bbb5e05afc0ca08805ca71a713a42\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb\n Size/MD5: 1073822 0f9dda867e9131cc5418dd40ec579d38\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434804 ff6361811108a9be8b45dd255b84c376\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 430968 367e708f82317b657439fc9e70dfb3eb\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 434308 2073137bb138dc52bbace666714f4e14\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 403952 f0ed9c92b917d1749825e64be61d8822\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 404520 fa7ce800de2eb5719c479a7506798b88\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 343774 880faca3543426734431c29de77c3048\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb\n Size/MD5: 938534 3e9075d30b9cedd73a936a14b8b84374\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz\n Size/MD5: 121669 dd7399c1dacd25d2153af25d3e9c3ea5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc\n Size/MD5: 1241 9b9bd27a1cfe3fc33d63b0b13d345e98\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz\n Size/MD5: 6365535 3add41e0b924d4bb53c2dee55a38c09e\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 2211118 6da81663b251e862bb665d9627271b9f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 278032 4f8270cff0a532bd059741b366047da9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 6700348 b133a1244f39b3f64fdd47cdd4a64480\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb\n Size/MD5: 42192 3f0351337b9c5d21ceea4b92a3911040\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456628 d85a3cbc0eef82e845a8327180136469\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 452408 8dd9341af4b538e6c9f8f70faf5fd2f2\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 456134 f6bcb10663b0c13cdf68c6d0e83c6342\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410020 036c44117688999e0eaa7a6cfc1b5a11\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 410604 cbb1e906a74fb2a34f41a3243ffa8010\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 347444 63413a914cb4546704032ab8f7f16a80\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb\n Size/MD5: 989366 b0c2d84f421fcb331efcec2a7b0711d1\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439730 46888aaf742cdcc30bcf7983d31c0158\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 435354 f3557e1a87154424e9144cf672110e93\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 439062 3469e523d93cfc20b71271b1f24daea1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410026 fafeb6f9433f595e1a634505f78d2bd1\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 410606 29b01db3883e5d12a5992c22cadfbe7a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 346490 6581362eebd73d91d1f74ebd9941c890\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb\n Size/MD5: 944816 a1f598ad168bf49f12f8b0cf08ab7908\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 458126 f08b8b1f2673fdfcbd849bc913006408\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 453546 f52c55b92d5b1c42cb4cfcfee774b1bd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 457466 f7b948be666100a7f5631cbafe2255dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410024 3bba352e3a2d8730a23d04fdcea5abd9\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 410606 b95af66f260d1291e92986790b7d2f0f\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 366550 c2f8906ce78396a240e37c08aa2cc197\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb\n Size/MD5: 1091688 f214016a736f7743a28dfd03e09753e2\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440954 f1a98acdf576d3e7c9576501f7886d30\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 437166 36b4878e0e9593b5d28c743eb093784a\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 440446 46d56f1a8d1b10cc937c8252648a583e\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410028 0c28e9654530a4ecf363d998b78e1fd5\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 410608 8e22b403b2315b190263f8ba2c8f98dd\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 349678 fe7ce515de30be0ef1ddf865cae5dd49\n http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb\n Size/MD5: 956316 009e48ea5e94d39830b3e9ba21aa55c8\n\n. The HP Business Availability Center v8.02 kit is available on the HP Software Support Online portal at: http://support.openview.hp.com/support.jsp . Summary\n\n Updated VMware Hosted products address security issues in libpng and\n the Apace HTTP Server. \n\n2. Relevant releases\n\n VMware Workstation 6.5.2 and earlier,\n VMware Player 2.5.2 and earlier,\n VMware ACE 2.5.2 and earlier\n\n3. Problem Description\n\n a. Third Party Library libpng Updated to 1.2.35\n\n Several flaws were discovered in the way third party library libpng\n handled uninitialized pointers. An attacker could create a PNG image\n file in such a way, that when loaded by an application linked to\n libpng, it could cause the application to crash or execute arbitrary\n code at the privilege level of the user that runs the application. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-0040 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any 6.5.3 build 185404 or later\n\n Player 2.5.x any 2.5.3 build 185404 or later\n\n ACE 2.5.x any 2.5.3 build 185404 or later\n\n Server 2.x any patch pending\n Server 1.x any patch pending\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected *\n\n * The libpng update for the Service Console of ESX 2.5.5 is\n documented in VMSA-2009-0007. \n\n b. Apache HTTP Server updated to 2.0.63\n\n The new version of ACE updates the Apache HTTP Server on Windows\n hosts to version 2.0.63 which addresses multiple security issues\n that existed in the previous versions of this server. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752,\n CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the\n issues that have been addressed by this update. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 6.5.x any not affected\n\n Player 2.5.x any not affected\n\n ACE 2.5.x Windows 2.5.3 build 185404 or later\n ACE 2.5.x Linux update Apache on host system *\n\n Server 2.x any not affected\n Server 1.x any not affected\n\n Fusion 2.x Mac OS/X not affected\n Fusion 1.x Mac OS/X not affected\n\n ESXi 4.0 ESXi not affected\n ESXi 3.5 ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n * The Apache HTTP Server is not part of an ACE install on a Linux\n host. Update the Apache HTTP Server on the host system to version\n 2.0.63 in order to remediate the vulnerabilities listed above. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 6.5.3\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html\n\n For Windows\n\n Workstation for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 7565d16b7d7e0173b90c3b76ca4656bc\n sha1sum: 9f687afd8b0f39cde40aeceb3213a91be487aad1\n\n For Linux\n\n Workstation for Linux 32-bit\n Linux 32-bit .rpm\n md5sum: 4d55c491bd008ded0ea19f373d1d1fd4\n sha1sum: 1f43131c960e76a530390d3b6984c78dfc2da23e\n\n Workstation for Linux 32-bit\n Linux 32-bit .bundle\n md5sum: d4a721c1918c0e8a87c6fa4bad49ad35\n sha1sum: c0c6f9b56e70bd3ffdb5467ee176110e283a69e5\n\n Workstation for Linux 64-bit\n Linux 64-bit .rpm\n md5sum: 72adfdb03de4959f044fcb983412ae7c\n sha1sum: ba16163c8d9b5aa572526b34a7b63dc6e68f9bbb\n\n Workstation for Linux 64-bit\n Linux 64-bit .bundle\n md5sum: 83e1f0c94d6974286256c4d3b559e854\n sha1sum: 8763f250a3ac5fc4698bd26319b93fecb498d542\n\n\n VMware Player 2.5.3\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n http://www.vmware.com/support/player25/doc/releasenotes_player253.html\n\n Player for Windows binary\n\nhttp://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-185404.exe\n md5sum: fe28f193374c9457752ee16cd6cad4e7\n sha1sum: 13bd3ff93c04fa272544d3ef6de5ae746708af04\n\n Player for Linux (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.rpm\n md5sum: c99cd65f19fdfc7651bcb7f328b73bc2\n sha1sum: a33231b26e2358a72d16e1b4e2656a5873fe637e\n\n Player for Linux (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.i386.bundle\n md5sum: 210f4cb5615bd3b2171bc054b9b2bac5\n sha1sum: 2f6497890b17b37480165bab9f430e8645edae9b\n\n Player for Linux - 64-bit (.rpm)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.rpm\n md5sum: f91576ef90b322d83225117ae9335968\n sha1sum: f492fa9cf26ee2818f164aac04cde1680c25d974\n\n Player for Linux - 64-bit (.bundle)\n\nhttp://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-185404.x86_64.bundle\n md5sum: 595d44d7945c129b1aeb679d2f001b05\n sha1sum: acd69fcb0c6bc49fd4af748c65c7fb730ab1e8c4\n\n\n VMware ACE 2.5.3\n ----------------\n http://www.vmware.com/download/ace/\n Release notes:\n http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html\n\n ACE Management Server Virtual Appliance\n AMS Virtual Appliance .zip\n md5sum: 44cc7b86353047f02cf6ea0653e38418\n sha1sum: 9f44b15e6681a6e58dd20784f829c68091a62cd1\n\n VMware ACE for Windows 32-bit and 64-bit\n Windows 32-bit and 64-bit .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for Windows\n Windows .exe\n md5sum: 0779da73408c5e649e0fd1c62d23820f\n sha1sum: 2b2e4963adc89f3b642874685f490222523b63ef\n\n ACE Management Server for SUSE Enterprise Linux 9\n SLES 9 .rpm\n md5sum: a4fc92d7197f0d569361cdf4b8cca642\n sha1sum: af8a135cca398cacaa82c8c3c325011c6cd3ed75\n\n ACE Management Server for Red Hat Enterprise Linux 4\n RHEL 4 .rpm\n md5sum: 841005151338c8b954f08d035815fd58\n sha1sum: 67e48624dba20e6be9e41ec9a5aba407dd8cc01e\n\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-08-20 VMSA-2009-0010\nInitial security advisory after release of Workstation 6.5.3,\nPlayer 2.5.3, and ACE 2.5.3 on 2009-08-20. \n\n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc. All rights reserved. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 912f61ea5210fbb94d71eef7bb634903 2007.0/i586/apache-base-2.2.3-1.3mdv2007.0.i586.rpm\n cb04a945da63abf56db5b444a3360916 2007.0/i586/apache-devel-2.2.3-1.3mdv2007.0.i586.rpm\n f4c419b30cd6f6520d9c995b9edf7098 2007.0/i586/apache-htcacheclean-2.2.3-1.3mdv2007.0.i586.rpm\n 1a40e9af24dce5bec34c4264ae1bdce2 2007.0/i586/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 333f116f1036dcc4a95612179f7a34bd 2007.0/i586/apache-mod_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 717feaa8449934514872fde1dfb26ff8 2007.0/i586/apache-mod_dav-2.2.3-1.3mdv2007.0.i586.rpm\n 15d3661edb2fa693fcc16e890f2b25a1 2007.0/i586/apache-mod_dbd-2.2.3-1.3mdv2007.0.i586.rpm\n 90bdaeaea54a973f5e813a495d82b14b 2007.0/i586/apache-mod_deflate-2.2.3-1.3mdv2007.0.i586.rpm\n 52a5ee95962b1153467443fb608eb3d8 2007.0/i586/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 8a0a950bfe0ce68ca498761e120d05da 2007.0/i586/apache-mod_file_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 4f6b84375fd94d4467a3e3088de26a80 2007.0/i586/apache-mod_ldap-2.2.3-1.3mdv2007.0.i586.rpm\n fa98d84669215b56d3f64450af0d0f5d 2007.0/i586/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.i586.rpm\n 665f988fa0cc99b4b55b01565a2d3075 2007.0/i586/apache-mod_proxy-2.2.3-1.3mdv2007.0.i586.rpm\n a22e15e33709ec0fff4c453643094031 2007.0/i586/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.i586.rpm\n cca659746b2601dc61f8382c64d40206 2007.0/i586/apache-mod_ssl-2.2.3-1.3mdv2007.0.i586.rpm\n 208d8db690290b848c266593324c2a75 2007.0/i586/apache-mod_userdir-2.2.3-1.3mdv2007.0.i586.rpm\n 92a1be6ec8e7a0b274666ea7b2c8c47f 2007.0/i586/apache-modules-2.2.3-1.3mdv2007.0.i586.rpm\n 71670f17ade1c090567f4850c796bdef 2007.0/i586/apache-mpm-prefork-2.2.3-1.3mdv2007.0.i586.rpm\n dd78ed04d011e11e8872c606d4edfa93 2007.0/i586/apache-mpm-worker-2.2.3-1.3mdv2007.0.i586.rpm\n eb5785a9e04f14ac7788d43d18c39fcc 2007.0/i586/apache-source-2.2.3-1.3mdv2007.0.i586.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n b25f0ae69e8be8c807afb36a5b58e4a7 2007.0/x86_64/apache-base-2.2.3-1.3mdv2007.0.x86_64.rpm\n ec93723ef9b7a5e62dc6704461e2b034 2007.0/x86_64/apache-devel-2.2.3-1.3mdv2007.0.x86_64.rpm\n 200fac36fbd67d6cd1857272aa5147e7 2007.0/x86_64/apache-htcacheclean-2.2.3-1.3mdv2007.0.x86_64.rpm\n ac7ec3a712d56ce1a076f29439c042d4 2007.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 126f880a37723b316f13f01c612883c5 2007.0/x86_64/apache-mod_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 69460daf3173b6c9f0d9f84c3597d81a 2007.0/x86_64/apache-mod_dav-2.2.3-1.3mdv2007.0.x86_64.rpm\n 52cf72324ae29121fe2e2c955808791f 2007.0/x86_64/apache-mod_dbd-2.2.3-1.3mdv2007.0.x86_64.rpm\n 17517cc4f69dec1f4ba1c08b242526e4 2007.0/x86_64/apache-mod_deflate-2.2.3-1.3mdv2007.0.x86_64.rpm\n a5a27827a3f488b9f31a231aad43eae7 2007.0/x86_64/apache-mod_disk_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n f413791db00e648dc0fae00336340bf0 2007.0/x86_64/apache-mod_file_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n 9d74a9b5ff153557cf361ca1726fd9b1 2007.0/x86_64/apache-mod_ldap-2.2.3-1.3mdv2007.0.x86_64.rpm\n b8fde6545785d79344d5a85b7bd88903 2007.0/x86_64/apache-mod_mem_cache-2.2.3-1.3mdv2007.0.x86_64.rpm\n da3a732c1e41e62207085aefcd0fb99c 2007.0/x86_64/apache-mod_proxy-2.2.3-1.3mdv2007.0.x86_64.rpm\n df716921b9736859a712dea86b22c3f5 2007.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3mdv2007.0.x86_64.rpm\n c69fd37756dbe81df897396e6c6413de 2007.0/x86_64/apache-mod_ssl-2.2.3-1.3mdv2007.0.x86_64.rpm\n a24b51c168be4a5d57a1d1b5a1401f83 2007.0/x86_64/apache-mod_userdir-2.2.3-1.3mdv2007.0.x86_64.rpm\n e481d9ceb7ffa6a6299417a6f7874c07 2007.0/x86_64/apache-modules-2.2.3-1.3mdv2007.0.x86_64.rpm\n 0917c7d2edab62a4c62e4dd6136dec93 2007.0/x86_64/apache-mpm-prefork-2.2.3-1.3mdv2007.0.x86_64.rpm\n a98b13300b903a0219dc9de626ea1bbe 2007.0/x86_64/apache-mpm-worker-2.2.3-1.3mdv2007.0.x86_64.rpm\n e83551cd2c8365788b767f90c204a13d 2007.0/x86_64/apache-source-2.2.3-1.3mdv2007.0.x86_64.rpm \n f066c405e8993de4fa506d8c05d37b9e 2007.0/SRPMS/apache-2.2.3-1.3mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n cb95db6136cbe28610e3e9baab45abeb 2007.1/i586/apache-base-2.2.4-6.4mdv2007.1.i586.rpm\n 6f9a4f9e658d51acdb9b8230a3ff8d10 2007.1/i586/apache-devel-2.2.4-6.4mdv2007.1.i586.rpm\n 71499b6f32722a7af4b664849eac6320 2007.1/i586/apache-htcacheclean-2.2.4-6.4mdv2007.1.i586.rpm\n 4c747fdb75063c7bb9bd50c0dbc59a5b 2007.1/i586/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n a3cae606ac80d807f84177c60e8455c8 2007.1/i586/apache-mod_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 0f518e3f63d47d1c5a8193d95030f52d 2007.1/i586/apache-mod_dav-2.2.4-6.4mdv2007.1.i586.rpm\n 3ad5c633a0dcc187aad028f48dfb5b92 2007.1/i586/apache-mod_dbd-2.2.4-6.4mdv2007.1.i586.rpm\n 5fa41f5ac0caecb71c639f78222d8cee 2007.1/i586/apache-mod_deflate-2.2.4-6.4mdv2007.1.i586.rpm\n 1b4b5d31d1596eaa30987921d0ab07be 2007.1/i586/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 597eb4248325c05c1fafae90378425d6 2007.1/i586/apache-mod_file_cache-2.2.4-6.4mdv2007.1.i586.rpm\n f868cb2c42e06ae77fe349c7d31e0958 2007.1/i586/apache-mod_ldap-2.2.4-6.4mdv2007.1.i586.rpm\n a8696226c9930799d1fbad199c5e7084 2007.1/i586/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.i586.rpm\n 2b62f69a3f58f1c572cbd8e961c11043 2007.1/i586/apache-mod_proxy-2.2.4-6.4mdv2007.1.i586.rpm\n bea2a28dc594b5fb8ef0591a7bb91714 2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.i586.rpm\n 9719faa4845deef9dc95f4ceeefce0e6 2007.1/i586/apache-mod_ssl-2.2.4-6.4mdv2007.1.i586.rpm\n 938e503476cac7f68b57322494e8f471 2007.1/i586/apache-mod_userdir-2.2.4-6.4mdv2007.1.i586.rpm\n cd01ff99ebacfe90c317d253d7ac11c4 2007.1/i586/apache-modules-2.2.4-6.4mdv2007.1.i586.rpm\n 5d830472142486b008e84851f5befdf9 2007.1/i586/apache-mpm-event-2.2.4-6.4mdv2007.1.i586.rpm\n 48ec7cbe8edbd745cc8446f2d274d8b7 2007.1/i586/apache-mpm-itk-2.2.4-6.4mdv2007.1.i586.rpm\n ada3666e18e2c49eb4849afbdad60f75 2007.1/i586/apache-mpm-prefork-2.2.4-6.4mdv2007.1.i586.rpm\n 7830123c1e76e8d02ca0a140c2b5f6c6 2007.1/i586/apache-mpm-worker-2.2.4-6.4mdv2007.1.i586.rpm\n 6498cc5113689f513cbdcfae0a2a3ad4 2007.1/i586/apache-source-2.2.4-6.4mdv2007.1.i586.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 839816f464191d3aff0882eac70cea40 2007.1/x86_64/apache-base-2.2.4-6.4mdv2007.1.x86_64.rpm\n ac4910f34cbf168df34cd123604b044b 2007.1/x86_64/apache-devel-2.2.4-6.4mdv2007.1.x86_64.rpm\n a4b4f9d518ed8621348527938f6a8230 2007.1/x86_64/apache-htcacheclean-2.2.4-6.4mdv2007.1.x86_64.rpm\n d554aa06a52bd72e20f035beedd50dcf 2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 68659f413d0b1102c220b1b4824489b6 2007.1/x86_64/apache-mod_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n d92ec9a9deb7d188e644075a18951ae6 2007.1/x86_64/apache-mod_dav-2.2.4-6.4mdv2007.1.x86_64.rpm\n 07b06f6de52f0f107106cead6f47de2c 2007.1/x86_64/apache-mod_dbd-2.2.4-6.4mdv2007.1.x86_64.rpm\n 6bf077871aa95d08c934eacac7f1291e 2007.1/x86_64/apache-mod_deflate-2.2.4-6.4mdv2007.1.x86_64.rpm\n b16f793759b09e75b7e162a5d858d835 2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 635452cc08657fa5da5b65dc40bf2c1b 2007.1/x86_64/apache-mod_file_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 7a238972b773975493d8931d573233ec 2007.1/x86_64/apache-mod_ldap-2.2.4-6.4mdv2007.1.x86_64.rpm\n 46704ca76800a5b967a4dd6e8efef986 2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.4mdv2007.1.x86_64.rpm\n 3c23cff577f9697b719c90918ef91b44 2007.1/x86_64/apache-mod_proxy-2.2.4-6.4mdv2007.1.x86_64.rpm\n c4ea096a86cdab894cb59bb868b849f0 2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.4mdv2007.1.x86_64.rpm\n 01f40dde7c3c93606c82681af472815f 2007.1/x86_64/apache-mod_ssl-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9ade922fc7d52d73a47ca5f3cb2c7525 2007.1/x86_64/apache-mod_userdir-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5e7e44ef5703f1e4fe5a952e5a3f5239 2007.1/x86_64/apache-modules-2.2.4-6.4mdv2007.1.x86_64.rpm\n e1b06e559e600461e19f9ab0f21d94be 2007.1/x86_64/apache-mpm-event-2.2.4-6.4mdv2007.1.x86_64.rpm\n 9903bcc1c12a86a9c2f9483d0ef9685e 2007.1/x86_64/apache-mpm-itk-2.2.4-6.4mdv2007.1.x86_64.rpm\n ce244cc42b6c411d2e3264c6ac6e1a76 2007.1/x86_64/apache-mpm-prefork-2.2.4-6.4mdv2007.1.x86_64.rpm\n 5989a935f4a0e20ac2844982e81cda83 2007.1/x86_64/apache-mpm-worker-2.2.4-6.4mdv2007.1.x86_64.rpm\n 339fccde52210eca1bf7e3cf05b9ce0e 2007.1/x86_64/apache-source-2.2.4-6.4mdv2007.1.x86_64.rpm \n a716565584726e4d2d94ca4796c1d403 2007.1/SRPMS/apache-2.2.4-6.4mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n cb013d3f4f40e2dfe6a90e0a2a7cdd74 2008.0/i586/apache-base-2.2.6-8.1mdv2008.0.i586.rpm\n f2e8d6e8191794fac34ddc7fc0f38588 2008.0/i586/apache-devel-2.2.6-8.1mdv2008.0.i586.rpm\n 8456184db4de115db70e603dbe252456 2008.0/i586/apache-htcacheclean-2.2.6-8.1mdv2008.0.i586.rpm\n 9e8861daffdf9d6b0ab431b1c3c1fac9 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n de1f407b2eb4d84140686375d3497006 2008.0/i586/apache-mod_cache-2.2.6-8.1mdv2008.0.i586.rpm\n eaf010272f97a507f37a6145bb9de809 2008.0/i586/apache-mod_dav-2.2.6-8.1mdv2008.0.i586.rpm\n 4d1073009151607b47ffcedc96cdb834 2008.0/i586/apache-mod_dbd-2.2.6-8.1mdv2008.0.i586.rpm\n cfc6f2958ef8d117d1070e422078cdfa 2008.0/i586/apache-mod_deflate-2.2.6-8.1mdv2008.0.i586.rpm\n 3c423e687c0afc1b224e6535e16ec279 2008.0/i586/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.i586.rpm\n ef790e64feeaf1a9ee5c58fd7e3b359d 2008.0/i586/apache-mod_file_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 8f86f4c499dfa14fb2daf4f8b578e150 2008.0/i586/apache-mod_ldap-2.2.6-8.1mdv2008.0.i586.rpm\n 21b1fc690f38b779ee79bed31c5fa3a2 2008.0/i586/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.i586.rpm\n 0ec954d20d7a080cc9a19c2146480897 2008.0/i586/apache-mod_proxy-2.2.6-8.1mdv2008.0.i586.rpm\n 50a87c9099f0c094c9fbb763e334fae9 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.i586.rpm\n 9d4e1c4a6614e70b77cd2e03e3baeaea 2008.0/i586/apache-mod_ssl-2.2.6-8.1mdv2008.0.i586.rpm\n 29346499f10a850f8011191b0d242709 2008.0/i586/apache-mod_userdir-2.2.6-8.1mdv2008.0.i586.rpm\n 21c5bc6f2861cc532c8b5dae3f3e1ee2 2008.0/i586/apache-modules-2.2.6-8.1mdv2008.0.i586.rpm\n 944b6d2f395f4d26deeef93f9ce55c5b 2008.0/i586/apache-mpm-event-2.2.6-8.1mdv2008.0.i586.rpm\n 0fc46d4eae684b21a9a98a6c876960b3 2008.0/i586/apache-mpm-itk-2.2.6-8.1mdv2008.0.i586.rpm\n ab00a26cd43e9045e66da620e9678412 2008.0/i586/apache-mpm-prefork-2.2.6-8.1mdv2008.0.i586.rpm\n 785499e86b70da53c76a7d3321da1b30 2008.0/i586/apache-mpm-worker-2.2.6-8.1mdv2008.0.i586.rpm\n c1ccaf747ebe4bd71f875f70c969d4e7 2008.0/i586/apache-source-2.2.6-8.1mdv2008.0.i586.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 56b868f5c7a86b68666af13fe2a5c925 2008.0/x86_64/apache-base-2.2.6-8.1mdv2008.0.x86_64.rpm\n 16ca885969a1bd9d7f6d4a00a7c33095 2008.0/x86_64/apache-devel-2.2.6-8.1mdv2008.0.x86_64.rpm\n 76bcdbe509c56ec471ff767f5f7f925f 2008.0/x86_64/apache-htcacheclean-2.2.6-8.1mdv2008.0.x86_64.rpm\n 36fc978398d6b8f406f0913ecac5576e 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n d6644c5729325e3a0f7bda5ffe12523c 2008.0/x86_64/apache-mod_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 98e86f62995310727dc7b7343776c948 2008.0/x86_64/apache-mod_dav-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7aa7da7cb9fc4f29071535620de42023 2008.0/x86_64/apache-mod_dbd-2.2.6-8.1mdv2008.0.x86_64.rpm\n 8cb681d914e9619adf261dca86154538 2008.0/x86_64/apache-mod_deflate-2.2.6-8.1mdv2008.0.x86_64.rpm\n 1ebc35b8050495230d6809f97dd89731 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 7db7d64521dc4253edc59645e79a5e57 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 5624b75d6d1eb311e6332c6a7e10e42f 2008.0/x86_64/apache-mod_ldap-2.2.6-8.1mdv2008.0.x86_64.rpm\n e7049015c893a5a75d0c4bbc68e18615 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.1mdv2008.0.x86_64.rpm\n 910e8bcb28e00501ebd39aa9c30e3cad 2008.0/x86_64/apache-mod_proxy-2.2.6-8.1mdv2008.0.x86_64.rpm\n 2451f7726434398f715bac328422faa8 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.1mdv2008.0.x86_64.rpm\n c6a102776378eecfbe64f87d2a4f261b 2008.0/x86_64/apache-mod_ssl-2.2.6-8.1mdv2008.0.x86_64.rpm\n 27a79220cf963ba1dfe6f17d6e66d3f5 2008.0/x86_64/apache-mod_userdir-2.2.6-8.1mdv2008.0.x86_64.rpm\n e87a2f8d0e8cf23fe0cc3a7a44195f68 2008.0/x86_64/apache-modules-2.2.6-8.1mdv2008.0.x86_64.rpm\n 6224d03ea5169e71fd588ddff0b95f16 2008.0/x86_64/apache-mpm-event-2.2.6-8.1mdv2008.0.x86_64.rpm\n e61bcd69bd997a5cddacc2f58dd1f1b9 2008.0/x86_64/apache-mpm-itk-2.2.6-8.1mdv2008.0.x86_64.rpm\n 304a7257ba0104bb799c3ab6a09cb977 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.1mdv2008.0.x86_64.rpm\n d19f57238828efc73f24ff69c1dca341 2008.0/x86_64/apache-mpm-worker-2.2.6-8.1mdv2008.0.x86_64.rpm\n e72351edf865715beac70996ca1ea09b 2008.0/x86_64/apache-source-2.2.6-8.1mdv2008.0.x86_64.rpm \n 2d535ab37b9a247e827054766219f7e6 2008.0/SRPMS/apache-2.2.6-8.1mdv2008.0.src.rpm\n\n Corporate 4.0:\n 0c36f90139943f6564058fb6c9a0028c corporate/4.0/i586/apache-base-2.2.3-1.3.20060mlcs4.i586.rpm\n 2c23db7c0c820a6d05cf9e89e10d437b corporate/4.0/i586/apache-devel-2.2.3-1.3.20060mlcs4.i586.rpm\n 6729c4c238ea40547ca8ad4ad34fac39 corporate/4.0/i586/apache-htcacheclean-2.2.3-1.3.20060mlcs4.i586.rpm\n 8c6b35f7192abf90e6af6a07c27099d0 corporate/4.0/i586/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 6f3ae30580187b440261747c0f975ec6 corporate/4.0/i586/apache-mod_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n 56dd118e6e37165e6638baab4e58d08e corporate/4.0/i586/apache-mod_dav-2.2.3-1.3.20060mlcs4.i586.rpm\n 6e3512489622cf59e0f32458d943f65b corporate/4.0/i586/apache-mod_dbd-2.2.3-1.3.20060mlcs4.i586.rpm\n 7946432730bdac3ec21ca376f8f8ca12 corporate/4.0/i586/apache-mod_deflate-2.2.3-1.3.20060mlcs4.i586.rpm\n eeac05dfe0a57512de566f6a2e1e105e corporate/4.0/i586/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b50af44b3084fcff0bc6cff1ac50023f corporate/4.0/i586/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n a92816a879182cbca50ebace4bb5f193 corporate/4.0/i586/apache-mod_ldap-2.2.3-1.3.20060mlcs4.i586.rpm\n 2ca6a18de738a817cb346f1eb31bf76a corporate/4.0/i586/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.i586.rpm\n b984ff19a2458f844f62be84635060d1 corporate/4.0/i586/apache-mod_proxy-2.2.3-1.3.20060mlcs4.i586.rpm\n b816b9c09345b92da5a0216f5e9db932 corporate/4.0/i586/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.i586.rpm\n 240fb4ea33d91846fc083def26b19465 corporate/4.0/i586/apache-mod_ssl-2.2.3-1.3.20060mlcs4.i586.rpm\n afcda5d86a48edba71a81a8fda0d0f75 corporate/4.0/i586/apache-mod_userdir-2.2.3-1.3.20060mlcs4.i586.rpm\n 76705f36eb869b9a1520df0c09a7d1e9 corporate/4.0/i586/apache-modules-2.2.3-1.3.20060mlcs4.i586.rpm\n eb5bc900fa99aab700c29af7978ca44f corporate/4.0/i586/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.i586.rpm\n 57a7cb6d3fc97eca6c46685f606a3618 corporate/4.0/i586/apache-mpm-worker-2.2.3-1.3.20060mlcs4.i586.rpm\n 804752d26fd2db2088cbc73ee9aee8f5 corporate/4.0/i586/apache-source-2.2.3-1.3.20060mlcs4.i586.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 74d411bb422230857a8971a9ce428c0e corporate/4.0/x86_64/apache-base-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 5ede29fb5e502fdc96dbb4722b69bb26 corporate/4.0/x86_64/apache-devel-2.2.3-1.3.20060mlcs4.x86_64.rpm\n dcecf6dece1ec0c083f924b8e545b864 corporate/4.0/x86_64/apache-htcacheclean-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b7bf0d94f575d6e1e42296b69e5d056b corporate/4.0/x86_64/apache-mod_authn_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6718af7bd108e06d8e6be0046473ce69 corporate/4.0/x86_64/apache-mod_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n fce075627de036b3d71a93ceafa6105e corporate/4.0/x86_64/apache-mod_dav-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 973a484aed44fd0281c34a0227131400 corporate/4.0/x86_64/apache-mod_dbd-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 359ad6bfc294b82d14788ea3f2fb5b1f corporate/4.0/x86_64/apache-mod_deflate-2.2.3-1.3.20060mlcs4.x86_64.rpm\n ce014700683860f81922680ab29d335b corporate/4.0/x86_64/apache-mod_disk_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n b918e9b9eeb06303a8b3f26f63666f74 corporate/4.0/x86_64/apache-mod_file_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 969c3cf38987f91d576de441e5781b5d corporate/4.0/x86_64/apache-mod_ldap-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e3c4128b336c45e9470e57a1439cead9 corporate/4.0/x86_64/apache-mod_mem_cache-2.2.3-1.3.20060mlcs4.x86_64.rpm\n e6c07bd0bed38660852db97807e0b3dd corporate/4.0/x86_64/apache-mod_proxy-2.2.3-1.3.20060mlcs4.x86_64.rpm\n d6b2621b48abe4c74ecd5e24e7c3c9f9 corporate/4.0/x86_64/apache-mod_proxy_ajp-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 166b443903e18e77afee950f368ae763 corporate/4.0/x86_64/apache-mod_ssl-2.2.3-1.3.20060mlcs4.x86_64.rpm\n bcbd01a168655d57ad7dcbf424b4d91a corporate/4.0/x86_64/apache-mod_userdir-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 3723d163f681e478e677c75a286f352e corporate/4.0/x86_64/apache-modules-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f17cbd7d765045b30dd43f62efb7cfd3 corporate/4.0/x86_64/apache-mpm-prefork-2.2.3-1.3.20060mlcs4.x86_64.rpm\n 6e704ce4a8ab0b5817273af16b997ea2 corporate/4.0/x86_64/apache-mpm-worker-2.2.3-1.3.20060mlcs4.x86_64.rpm\n f35f2e3795dba910451ac03ec63f8898 corporate/4.0/x86_64/apache-source-2.2.3-1.3.20060mlcs4.x86_64.rpm \n ece351bfa879df71f200f00d143779b9 corporate/4.0/SRPMS/apache-2.2.3-1.3.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01607570\nVersion: 1\n\nHPSBMA02388 SSRT080059 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-11-19\nLast Updated: 2008-11-19\n\nPotential Security Impact: Remote cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). \n\nReferences: CVE-2007-6388, CVE-2007-5000\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP OpenView Network Node Manager (OV NNM) v7.01, v7.51, v7.53 running on HP-UX, Linux, and Solaris\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has made patches available to resolve the vulnerabilities. \n\nThe patches are available from http://itrc.hp.com \n\nOV NNM v7.53 \n===========\nOperating_System - HP-UX (IA)\nResolved in Patch - PHSS_38148 or subsequent\n \nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38147 or subsequent\n \nOperating_System - Linux RedHatAS2.1 \nResolved in Patch - LXOV_00085 or subsequent\n \nOperating_System - Linux RedHat4AS-x86_64 \nResolved in Patch - LXOV_00086 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03514 or subsequent\n \nOV NNM v7.51 \n===========\nUpgrade to NNM v7.53 and install the patches listed above. \n\nOV NNM v7.01 \n===========\nOperating_System - HP-UX (PA)\nResolved in Patch - PHSS_38761 or subsequent\n \nOperating_System - Solaris\nResolved in Patch - PSOV_03516 or subsequent\n \n\nMANUAL ACTIONS: Yes - NonUpdate \nApply the appropriate file as described in the Resolution. \n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa \n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS (for HP-UX)\n\nFor HP-UX OV NNM 7.53 \nHP-UX B.11.31 \nHP-UX B.11.23 (IA) \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38148 or subsequent \nURL: http://itrc.hp.com \n\nHP-UX B.11.23 (PA) \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38147 or subsequent \nURL: http://itrc.hp.com \n\nFor HP-UX OV NNM 7.51 \nHP-UX B.11.31 \nHP-UX B.11.23 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: upgrade NNM v7.51 to NNM v7.53 and apply the appropriate patches \n\nFor HP-UX OV NNM 7.01 \nHP-UX B.11.00 \nHP-UX B.11.11 \n============= \nOVNNMgr.OVNNM-RUN \naction: install PHSS_38761 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS (for HP-UX)\n\nHISTORY \nVersion:1 (rev.1) - 19 November 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSSQhVOAfOvwtKn1ZEQIlVQCg4n4fABzC24c9qQ5gz68oPLMVKI0AoMbs\nA2UIaH3YB7z+o42Tm7Eg7ahn\n=lskD\n-----END PGP SIGNATURE-----\n. The goal of this project is to\nprovide a secure, efficient and extensible server that provides\nHTTP services in sync with the current HTTP standards. The November 2005 Netcraft Web Server Survey found\nthat more than 70% of the web sites on the Internet are using\nApache, thus making it more widely used than all other web\nservers combined. A HTML page is presented that gives the current server statistics in an easily readable form. If required this page can be made to automatically refresh (given a compatible browser). Another page gives a simple machine-readable list of the current server state.\"\n\n- --- 1. Apache Refresh Header - Open Redirector (XSS) Vulnerability ---\n\nDuring the fact that Apache mod_status do not filter char \";\" we can inject new URL. \nThis fact give attacker open redirector and can lead to phishing attack. \nAlso attacker can create more advanced method to trigger XSS on victim\u0027s browser. Exploit ---\n\nSecurityReason is not going to release a exploit to the general public. \nExploit was provided and tested for Apache Team . References ---\n\nA Refreshing Look at Redirection : http://www.securityfocus.com/archive/1/450418 by Amit Klein\n\n- --- 5. Greets ---\n\nFor: Maksymilian Arciemowicz ( cXIb8O3 ), Infospec, pi3, p_e_a, mpp\n\n- --- 6. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache v2.0.59.00.2 or earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6388",
"trust": 3.8
},
{
"db": "BID",
"id": "27237",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "28471",
"trust": 2.5
},
{
"db": "USCERT",
"id": "TA08-150A",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1019154",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "29988",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28607",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28977",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30732",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30430",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29504",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28526",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29806",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "33200",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28749",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28922",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "30356",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29640",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "32800",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "31142",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "29420",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28965",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "28467",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3541",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0809",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0047",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1623",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1697",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0554",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0447",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0924",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1224",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-0986",
"trust": 1.7
},
{
"db": "USCERT",
"id": "SA08-150A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "TA08-079A",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA08-079A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2007-6388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62720",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "89987",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "80533",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62719",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "72120",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62634",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63601",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"id": "VAR-200801-0561",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.16519225
},
"last_update_date": "2024-11-29T20:27:08.417000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache httpd 1.3.41",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html#1.3.41"
},
{
"title": "Fixed in Apache httpd 2.0.63",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.63"
},
{
"title": "Fixed in Apache httpd 2.2.8",
"trust": 0.8,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html#2.2.8"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-en"
},
{
"title": "Security Update 2008-003",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT1897?viewlocale=ja_JP"
},
{
"title": "Security Update 2008-002",
"trust": 0.8,
"url": "http://docs.info.apple.com/article.html?artnum=307562-ja"
},
{
"title": "httpd-2.2.3-11.3.1AX",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=94"
},
{
"title": "HS08-016",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-016/index.html"
},
{
"title": "HPSBUX02313",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01364714"
},
{
"title": "HPSBUX02313",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02313.html"
},
{
"title": "4019245",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"title": "PK65782",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK65782"
},
{
"title": "PK63273",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026context=SSEQTJ\u0026uid=swg1PK63273\u0026loc=en_US\u0026cs=utf-8\u0026cc=US\u0026lang=all"
},
{
"title": "7007033",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007033#60227"
},
{
"title": "httpd (V3.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1224"
},
{
"title": "httpd (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1221"
},
{
"title": "apache (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1205"
},
{
"title": "Oracle Critical Patch Update Advisory - July 2013",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"title": "Text Form of Oracle Critical Patch Update - July 2013 Risk Matrices",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0004.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0005.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0006.html"
},
{
"title": "RHSA-2008:0007",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0007.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2008-0008.html"
},
{
"title": "July 2013 Critical Patch Update Released",
"trust": 0.8,
"url": "https://blogs.oracle.com/security/entry/july_2013_critical_patch_update"
},
{
"title": "233623",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"title": "TLSA-2008-5",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2008/TLSA-2008-5.txt"
},
{
"title": "interstage_as_200808",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200808.html"
},
{
"title": "HS08-016",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS08-016/index.html"
},
{
"title": "RHSA-2008:0005",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0005J.html"
},
{
"title": "RHSA-2008:0006",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0006J.html"
},
{
"title": "RHSA-2008:0008",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0008J.html"
},
{
"title": "RHSA-2008:0004",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0004J.html"
},
{
"title": "TLSA-2008-5",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2008/TLSA-2008-5j.txt"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-575-1"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/SecureAxom/strike "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/27237"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1019154"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-150a.html"
},
{
"trust": 2.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-032.htm"
},
{
"trust": 2.0,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=689039"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk62966"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pk63273"
},
{
"trust": 2.0,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24019245"
},
{
"trust": 2.0,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200808e.html"
},
{
"trust": 2.0,
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:014"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:015"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0004.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0005.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0006.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0007.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0008.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28467"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28471"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:016"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28607"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-575-1"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28749"
},
{
"trust": 1.7,
"url": "http://www116.nortel.com/pub/repository/clarify/document/2008/05/023342-01.pdf"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28965"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00562.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00541.html"
},
{
"trust": 1.7,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.595748"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28977"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28922"
},
{
"trust": 1.7,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233623-1"
},
{
"trust": 1.7,
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008/mar/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29420"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=pk59667\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29504"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3541"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29640"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29806"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0009.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29988"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30356"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2008//may/msg00001.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30430"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31142"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30732"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/33200"
},
{
"trust": 1.7,
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000062.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0809/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0554"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0986/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0047"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1224/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/0447/references"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1623/references"
},
{
"trust": 1.7,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32800"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39472"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10272"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/505990/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/498523/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/494428/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/488082/100/0/threaded"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 1.5,
"url": "http://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 1.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6388"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2008/0047"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta08-150a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-079a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta08-150a/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-6388"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/28471/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-079a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa08-150a.html"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-079a.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_13.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "httpd.apache.org/security/vulnerabilities_20.html"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.4,
"url": "http://securityreason.com/achievement_securityalert/50"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5000"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0005"
},
{
"trust": 0.4,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.4,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www13.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c01607570\u0026admit=109447627+1227181083938+28353475"
},
{
"trust": 0.3,
"url": " http://www.phptoys.com/product/micro-news.html"
},
{
"trust": 0.3,
"url": "https://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v61.readme.html#mh01110"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-233623-1"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement1.3.html"
},
{
"trust": 0.3,
"url": "http://www.apache.org/dist/httpd/announcement2.0.html"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-026.htm"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2008-031.htm"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01364714"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0004.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0005.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0006.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0007.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0008.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0261.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0263.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6422"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6421"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.3,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4465"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3847"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/575-1/"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.4-3ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu4.2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.3-3.2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.3-3.2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.3-3.2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.4-3ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu4.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu4.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.4-3ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.3-3.2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.4-3ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.4-3ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.3-3.2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.4-3ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2364"
},
{
"trust": 0.1,
"url": "http://support.openview.hp.com/support.jsp"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ace25/doc/releasenotes_ace253.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/player25/doc/releasenotes_player253.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1863"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/ws65/doc/releasenotes_ws653.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3304"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.exe"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.i386.bundle"
},
{
"trust": 0.1,
"url": "http://download3.vmware.com/software/vmplayer/vmware-player-2.5.3-185404.x86_64.bundle"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0040"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3847"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4465"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6422"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6421"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/docs/2.0/mod/mod_status.html"
},
{
"trust": 0.1,
"url": "http://securityreason.com/key/sp3x.gpg"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/archive/1/450418"
},
{
"trust": 0.1,
"url": "http://securityreason.com"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"db": "BID",
"id": "27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "89987"
},
{
"db": "PACKETSTORM",
"id": "80533"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "PACKETSTORM",
"id": "63601"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-01-08T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"date": "2008-01-10T00:00:00",
"db": "BID",
"id": "27237"
},
{
"date": "2008-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"date": "2008-02-05T00:41:56",
"db": "PACKETSTORM",
"id": "63262"
},
{
"date": "2008-01-17T05:57:19",
"db": "PACKETSTORM",
"id": "62720"
},
{
"date": "2010-05-27T05:11:37",
"db": "PACKETSTORM",
"id": "89987"
},
{
"date": "2009-08-23T16:31:17",
"db": "PACKETSTORM",
"id": "80533"
},
{
"date": "2008-01-17T05:56:17",
"db": "PACKETSTORM",
"id": "62719"
},
{
"date": "2008-01-17T05:59:17",
"db": "PACKETSTORM",
"id": "62721"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2008-11-20T19:21:09",
"db": "PACKETSTORM",
"id": "72120"
},
{
"date": "2008-01-15T20:26:59",
"db": "PACKETSTORM",
"id": "62634"
},
{
"date": "2008-02-13T22:27:37",
"db": "PACKETSTORM",
"id": "63601"
},
{
"date": "2008-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"date": "2008-01-08T18:46:00",
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-06T00:00:00",
"db": "VULMON",
"id": "CVE-2007-6388"
},
{
"date": "2015-04-13T21:21:00",
"db": "BID",
"id": "27237"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001001"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200801-095"
},
{
"date": "2024-11-21T00:40:01.837000",
"db": "NVD",
"id": "CVE-2007-6388"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache HTTP Server of mod_status Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001001"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "63262"
},
{
"db": "PACKETSTORM",
"id": "62720"
},
{
"db": "PACKETSTORM",
"id": "62719"
},
{
"db": "PACKETSTORM",
"id": "62721"
},
{
"db": "PACKETSTORM",
"id": "72120"
},
{
"db": "PACKETSTORM",
"id": "62634"
},
{
"db": "CNNVD",
"id": "CNNVD-200801-095"
}
],
"trust": 1.2
}
}
var-200110-0282
Vulnerability from variot
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2 Published: 2006-09-28 Updated: 2006-09-29 Resolved issue in patch for CVE-2006-2940 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1
References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613
Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.
29 September 2006 Update: The initial fix for this vulnerability was
incomplete, and the fault in the fix could enable a Denial of Service
attack in some cases of the attack described in CVE-2006-2940.
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDKSA-2006:172-1 http://www.mandriva.com/security/
Package : openssl Date : October 2, 2006 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
Problem Description:
Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk).
Update:
There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Updated Packages:
Mandriva Linux 2006.0: 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm
Mandriva Linux 2007.0: db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm
Corporate 3.0: 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 3.0/X86_64: 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm
Corporate 4.0: 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm
Multi Network Firewall 2.0: cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3 mAaLoEPfjUca1TR98vgpZUU= =Ff9O -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
~ VMware Security Advisory
Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340
- Summary:
~ Several critical security vulnerabilities have been addressed ~ in the newest releases of VMware's hosted product line.
- Relevant releases:
~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier
- Problem description:
~ a. Host to guest shared folder (HGFS) traversal vulnerability
~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.
NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.
~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ b. Insecure named pipes
~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.
~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.
~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities
~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ d. Updated OpenSSL library to address various security vulnerabilities
~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion is not affected by this issue.
~ e. VIX API default setting changed to a more secure default value
~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability
~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.
~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.
~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ NOTE: Fusion and Linux based products are not affected by this ~ issue.
~ g. DHCP denial of service vulnerability
~ A potential denial of service issue affects DHCP service running ~ on the host.
~ VMware would like to thank Martin O'Neal for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)
~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.
~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file
~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.
~ VMware would like to thank Sun Bing for reporting the issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.
~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)
~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service
~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface. This may result in denial ~ of service via memory exhaustion and memory corruption.
~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.
~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.
~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)
- Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9
~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202
~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8
~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0
~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f
- References:
~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02824490 Version: 1
HPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-05-05 Last Updated: 2011-05-05
Potential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications.
References: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2 CVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has made the following software updates available to resolve these vulnerabilities.
Kit Name Location
HP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html
CSWS_PHP V2.2 http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html
HISTORY Version:1 (rev.1) - 5 May 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. HP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows.
BACKGROUND
RESOLUTION HP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
Gentoo Linux Security Advisory GLSA 200610-11
http://security.gentoo.org/
Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11
Synopsis
OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.
Background
OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL 0.9.8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
All OpenSSL 0.9.7 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
References
[ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200610-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. (This issue did not affect OpenSSL versions prior to 0.9.7)
- Certain types of public key can take disproportionate amounts of time to process.
Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.
Acknowledgements
The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).
SSLv2 Client Crash (CVE-2006-4343)
Vulnerability
A flaw in the SSLv2 client code was discovered.
Recommendations
These vulnerabilities are resolved in the following versions of OpenSSL:
- in the 0.9.7 branch, version 0.9.7l (or later);
- in the 0.9.8 branch, version 0.9.8d (or later).
OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
o https://www.openssl.org/source/
o ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.8d.tar.gz
MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
o openssl-0.9.7l.tar.gz
MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9*.tar.gz
openssl sha1 openssl-0.9*.tar.gz
After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with the configuration program
vmware-config which could set incorrect permissions on SSL key
files. Local users may be able to obtain access to the SSL key
files.
(CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,
and earlier versions allows attackers to cause a denial of service
(CPU consumption) via parasitic public keys with large (1) "public
exponent" or (2) "public modulus" values in X.509 certificates that
require extra time to process when using RSA signature verification.
(CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
padding before generating a hash, which allows remote attackers to
forge a PKCS #1 v1.5 signature that is signed by that RSA key and
prevents OpenSSL from correctly verifying X.509 and other
certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by Patch ESX-3069097
ESX 2.5.4: does not have these problems
ESX 2.5.3: does not have these problems
ESX 2.1.3: does not have these problems
ESX 2.0.2: does not have these problems
(CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
other versions, when using privilege separation, does not properly
signal the non-privileged process when a session has been terminated
after exceeding the LoginGraceTime setting, which leaves the
connection open and allows remote attackers to cause a denial of
service (connection consumption).
(CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
arbitrary commands via filenames that contain shell metacharacters
or spaces, which are expanded twice.
(CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
access by numeric IP addresses and with VerifyReverseMapping
disabled, allows remote attackers to bypass "from=" and "user@host"
address restrictions by connecting to a host from a system whose
reverse DNS hostname contains the numeric IP address.
NOTE: ESX by default disables version 1 SSH protocol.
NOTE: ESX doesn't use GSSAPI by default.
(CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
Separation Monitor in OpenSSH before 4.5 causes weaker verification
that authentication has been successful, which might allow attackers
to bypass authentication.
NOTE: as of 20061108, it is believed that this issue is only
exploitable by leveraging vulnerabilities in the unprivileged
process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
files:
ESX 3.0.1: does not have this problem
ESX 3.0.0: does not have this problem
ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
A possible security issue with virtual disk (.vmdk or .dsk) files
that are newly created, but contain blocks from recently deleted
virtual disk files. Information belonging to the previously
deleted virtual disk files could be revealed in newly created
virtual disk files.
VMware recommends the following workaround: When creating new
virtual machines on an ESX Server that may contain sensitive
data, use vmkfstools with the -W option. This initializes the
virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
ESX 3.0.1: corrected by Patch ESX-9986131
ESX 3.0.0: corrected by ESX-3069097
ESX 2.5.4: does not have this problem
ESX 2.5.3: does not have this problem
ESX 2.1.3: does not have this problem
ESX 2.0.2: does not have this problem
A possible security issue with how the Python function repr()
function handles UTF-32/UCS-4 strings.
ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb
ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc
ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb
ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739
ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f
ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f
- References:
ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097
ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131
ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html
ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html
ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html
ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
- Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0282",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "openssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 3.2,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "oracle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "rpath",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "trustix secure linux",
"version": null
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7f"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7e"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7i"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7h"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7d"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7c"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.6,
"vendor": "openssl",
"version": "0.9.7g"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8a"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8b"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.7j"
},
{
"model": "openssl",
"scope": "eq",
"trust": 1.0,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "attachmatewrq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gnutls",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "iaik java group",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intoto",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "opera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "rsa security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ssh security corp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sybase",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vandyke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.2.6-p1"
},
{
"model": "bind",
"scope": "lte",
"trust": 0.8,
"vendor": "isc",
"version": "9.3.2-p1"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.7k"
},
{
"model": "openssl",
"scope": "lte",
"trust": 0.8,
"vendor": "openssl",
"version": "0.9.8c"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10_f"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (hosting)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "1.0 (workgroup)"
},
{
"model": "turbolinux appliance server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "2.0"
},
{
"model": "turbolinux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux fuji",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux multimedia",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "10 (x64)"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "home",
"scope": null,
"trust": 0.8,
"vendor": "turbo linux",
"version": null
},
{
"model": "trendmicro interscan web security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "1.1 solaris edition"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3.0"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.0"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.30"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.20"
},
{
"model": "wide area file services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/32"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "call manager sr2c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "siparator",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.79"
},
{
"model": "enterprise linux es ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.5"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.16"
},
{
"model": "project openssl g",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "computing snapgear sg565",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.2"
},
{
"model": "ciscoworks common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(0)"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(1)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.3"
},
{
"model": "appliance server hosting edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "s8500 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "fuji",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "hardware management console for pseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "project openssl b",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "bind a5",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "hardware management console for iseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.1.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76650"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/3"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/2"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "project openssl b-36.8",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(1)"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.00"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.6(1)"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "s8700 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8300 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.9"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "3.0"
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"model": "appliance server workgroup edition",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "1.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(2)"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.11"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.2"
},
{
"model": "hardware management console for iseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.680404"
},
{
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "s8710 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "server c",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "karagulle cwrsync",
"scope": "eq",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.9"
},
{
"model": "grid engine update5",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "hardware management console for pseries r5.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.380004"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.7"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.334685"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(3)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "grid engine update7",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "hardware management console",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.2.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.2.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(0)"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.5"
},
{
"model": "server 0.9.1b",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.4.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "call manager es32",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "call manager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "karagulle cwrsync",
"scope": "ne",
"trust": 0.3,
"vendor": "tevfik",
"version": "2.0.10"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.6"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1-1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.14"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.9"
},
{
"model": "server a",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "bind a4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "computing snapgear sg560",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "project openssl i",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "grid engine sun linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "hardware management console for pseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.3.2"
},
{
"model": "current",
"scope": null,
"trust": 0.3,
"vendor": "openpkg",
"version": null
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3x86"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.6.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3"
},
{
"model": "server 0.8.6a",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.1"
},
{
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"model": "hardware management console for pseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "3.0/31"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "firewalll",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(3)"
},
{
"model": "hardware management console for iseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "workstation build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.680404"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.7"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.7"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind rc3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "call manager sr2",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.2.0.1"
},
{
"model": "call manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.0.201"
},
{
"model": "hardware management console for iseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "call manager es07",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"model": "hardware management console for pseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(0)"
},
{
"model": "workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.8"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(0)"
},
{
"model": "ons ios-based blades",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "15454"
},
{
"model": "operating system enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.7"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "232"
},
{
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "76550"
},
{
"model": "wireless control system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "hardware management console for iseries r2.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.3"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.5.0"
},
{
"model": "project openssl h",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "grid engine",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.17"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.3"
},
{
"model": "project openssl d",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.5"
},
{
"model": "financials server",
"scope": "eq",
"trust": 0.3,
"vendor": "navision",
"version": "3.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "hardware management console for pseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.4"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "intuity lx",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(1)"
},
{
"model": "amc",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/6"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0(2)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "anti-virus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.1.3"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.1"
},
{
"model": "access registrar",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.7.1"
},
{
"model": "hardware management console for iseries r3.2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "server 0.9.4d",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "project openssl f",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "grid engine update7 1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.4"
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.4"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "call manager es40",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.19"
},
{
"model": "call manager es50",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "amc",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0/5"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.4"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.2"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.6"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.3(5)"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"model": "security agent",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.659"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.4"
},
{
"model": "converged communications server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "reflection for secure it sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.22"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0"
},
{
"model": "hardware management console for iseries r3.3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "reflection for secure it",
"scope": "eq",
"trust": 0.3,
"vendor": "attachmate",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.2"
},
{
"model": "grid engine update1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "css11500 content services switch",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "s8500 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44900"
},
{
"model": "s8700 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "project openssl beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.2"
},
{
"model": "call manager es56",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.0"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.3"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0x86"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.11"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "bind -p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"model": "ipcop",
"scope": "eq",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.12"
},
{
"model": "hardware management console for iseries r1.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.5"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0"
},
{
"model": "personal",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.3"
},
{
"model": "project openssl a",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "1.4.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "project openssl e",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "predictive dialer",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "ftp server",
"scope": "ne",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.3.1"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1(2)"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0"
},
{
"model": "project openssl",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.2"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.0"
},
{
"model": "project openssl c",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "works common services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "bind b3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "grid engine update2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "appliance server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "2.0"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.193"
},
{
"model": "red hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)5.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.6(1)"
},
{
"model": "filezilla",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.15"
},
{
"model": "hardware management console for iseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.2"
},
{
"model": "security mars",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.2"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4480"
},
{
"model": "call manager sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "unified presence server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "predictive dialing system",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "11.0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.1"
},
{
"model": "hardware management console for pseries r4.0",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.5"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "ipcop",
"scope": "ne",
"trust": 0.3,
"vendor": "ipcop",
"version": "1.4.13"
},
{
"model": "insight management agents for tru64 unix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "3.5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"model": "call manager es33",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.5"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ace",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.1"
},
{
"model": "s8300 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.8"
},
{
"model": "f...",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.3"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.0"
},
{
"model": "beta11",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/2"
},
{
"model": "grid engine 32-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.6"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "enterprise linux ws ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hardware management console for pseries r3.6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.0"
},
{
"model": "s8710 r2.0.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 0.3,
"vendor": "openpkg",
"version": "2.3"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "filezilla",
"scope": "ne",
"trust": 0.3,
"vendor": "filezilla",
"version": "2.2.28"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/4"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "bind b",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.3"
},
{
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "6.0.1"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.9"
},
{
"model": "hardware management console for pseries r3.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.4"
},
{
"model": "computing snapgear sg710",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.3"
},
{
"model": "call manager es62",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.444386"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.1"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3.132"
},
{
"model": "fast360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/5"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.2"
},
{
"model": "css11500 content services switch s",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.10"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.2.1"
},
{
"model": "groupware server",
"scope": "eq",
"trust": 0.3,
"vendor": "kolab",
"version": "2.0.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "fast360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "4.0/1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "255"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "secure acs build",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(1)23"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.2"
},
{
"model": "sip proxy server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2007.0"
},
{
"model": "openvms secure web server",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.2"
},
{
"model": "project openssl k",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "server b",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.1.3"
},
{
"model": "ace",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.3"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "275"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "grid engine update3",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "s8500",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "project openssl beta3",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.2"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.639"
},
{
"model": "workcentre pro",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "245"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.5"
},
{
"model": "openvpn",
"scope": "ne",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.9"
},
{
"model": "firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.2"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.1.0.4"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(2)"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.0.1"
},
{
"model": "workstation build",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "5.5.342958"
},
{
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "grid engine 64-bit sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.3"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "s8500 cm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "s8710 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "advanced workstation for the itanium processor ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "3.1"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "hat enterprise linux as ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "2.1"
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.3,
"vendor": "openvpn",
"version": "2.0.7"
},
{
"model": "grid engine update4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.4"
},
{
"model": "ons mspp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "5.4-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.3.30"
},
{
"model": "project openssl j",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "project openssl d",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.8"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3.728"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(1)"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "bind -p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "grid engine update6",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.0"
},
{
"model": "ciscoworks common management foundation",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "home",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.4"
},
{
"model": "bind a6",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.4"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154543.3"
},
{
"model": "hardware management console for iseries r2.1",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.0"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "tru64 b-4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.4.1"
},
{
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5"
},
{
"model": "call manager es55",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "ons 15454sdh",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0(0)"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.5"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server 0.9.4e",
"scope": null,
"trust": 0.3,
"vendor": "filezilla",
"version": null
},
{
"model": "player build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "2.0.380004"
},
{
"model": "tru64 b-3",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "security agent",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.5.1.657"
},
{
"model": "secure enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "trustix",
"version": "2.0"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.3.1"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "265"
},
{
"model": "call manager es24",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "hardware management console for pseries",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.2.1"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.3.2"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "turbolinux",
"version": "10.0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.3"
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44910"
},
{
"model": "s8300 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "computing snapgear u2",
"scope": "ne",
"trust": 0.3,
"vendor": "secure",
"version": "3.1.4"
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154542.3(5)"
},
{
"model": "ssl360",
"scope": "eq",
"trust": 0.3,
"vendor": "arkoon",
"version": "1.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "ftp server",
"scope": "eq",
"trust": 0.3,
"vendor": "serv u",
"version": "6.01"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "4.5.1"
},
{
"model": "project openssl beta1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.3"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.9.6"
},
{
"model": "server",
"scope": "eq",
"trust": 0.3,
"vendor": "filezilla",
"version": "0.8.5"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.0.2"
},
{
"model": "download accelarator",
"scope": "eq",
"trust": 0.3,
"vendor": "prozilla",
"version": "1.3.2"
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "siparator",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2"
},
{
"model": "s8700 r2.0.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"model": "computing snapgear sg580",
"scope": "eq",
"trust": 0.3,
"vendor": "secure",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "system management homepage",
"scope": "ne",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.8"
},
{
"model": "ons 15454e optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "openvms secure web server",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.1-1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "system management homepage",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "2.1.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "ingate",
"version": "3.2.1"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "gss global site selector",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44920"
},
{
"model": "project openssl l",
"scope": "ne",
"trust": 0.3,
"vendor": "openssl",
"version": "0.9.7"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "workcentre",
"scope": "eq",
"trust": 0.3,
"vendor": "xerox",
"version": "238"
},
{
"model": "player",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.5"
},
{
"model": "server build",
"scope": "ne",
"trust": 0.3,
"vendor": "vmware",
"version": "1.0.580187"
},
{
"model": "ons mstp",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154540"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "ssl360",
"scope": "ne",
"trust": 0.3,
"vendor": "arkoon",
"version": "2.0/3"
},
{
"model": "multimedia",
"scope": null,
"trust": 0.3,
"vendor": "turbolinux",
"version": null
},
{
"model": "ons optical transport platform",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "154544.0(2)"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openssl:openssl",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:turbolinux:turbolinux_home",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:trendmicro:interscan_web_security_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dr. S. N. HensonNISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2937",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#247744",
"trust": 0.8,
"value": "0.28"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#386964",
"trust": 0.8,
"value": "0.32"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#845620",
"trust": 0.8,
"value": "7.56"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#547300",
"trust": 0.8,
"value": "2.53"
},
{
"author": "NVD",
"id": "CVE-2006-2937",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to cause applications that use the vulnerable library to consume excessive CPU and memory resources and crash, denying further service to legitimate users. rPath Security Advisory: 2006-0175-2\nPublished: 2006-09-28\nUpdated:\n 2006-09-29 Resolved issue in patch for CVE-2006-2940\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n Remote Deterministic Unauthorized Access\nUpdated Versions:\n openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.5-1\n\nReferences:\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n http://issues.rpath.com/browse/RPL-613\n\nDescription:\n Previous versions of the openssl package are vulnerable to multiple\n attacks. \n In particular, any connection that the mysql daemon will accept\n may be vulnerable. In the default configuration of mysql, that\n would be a local unauthorized access vulnerability, but mysql can\n be configured to listen for network connections from remote hosts,\n which would then enable remote unauthorized access. Any program\n that calls the SSL_get_shared_ciphers() function may be vulnerable. \n \n 29 September 2006 Update: The initial fix for this vulnerability was\n incomplete, and the fault in the fix could enable a Denial of Service\n attack in some cases of the attack described in CVE-2006-2940. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory MDKSA-2006:172-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : openssl\n Date : October 2, 2006\n Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,\n Multi Network Firewall 2.0\n _______________________________________________________________________\n \n Problem Description:\n \n Dr S N Henson of the OpenSSL core team and Open Network Security\n recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). \n\n Update:\n\n There was an error in the original published patches for CVE-2006-2940. \n New packages have corrected this issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 526fcd69e1a1768c82afd573dc16982f 2006.0/i586/openssl-0.9.7g-2.5.20060mdk.i586.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 54ed69fc4976d3c0953eeebd3c10471a 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mdk.x86_64.rpm\n 632fbe5eaff684ec2f27da4bbe93c4f6 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 04dbe52bda3051101db73fabe687bd7e 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.x86_64.rpm\n 5e48a8d9a6a03a045b6d0d2b6903dc5b 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mdk.i586.rpm\n f86f3a2efd19ff5fb1600212cbd8e463 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mdk.i586.rpm\n 73b99c1a8a34fe3c2279c09c4f385804 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mdk.i586.rpm\n ca169246cc85db55839b265b90e8c842 2006.0/x86_64/openssl-0.9.7g-2.5.20060mdk.x86_64.rpm \n 441a806fc8a50f74f5b4bcfce1fc8f66 2006.0/SRPMS/openssl-0.9.7g-2.5.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n db68f8f239604fb76a0a10c70104ef61 2007.0/i586/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n a97c6033a33fabcd5509568304b7a988 2007.0/i586/openssl-0.9.8b-2.2mdv2007.0.i586.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n 1895971ef1221056075c4ee3d4aaac72 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.2mdv2007.0.x86_64.rpm\n cfd59201e5e9c436f42b969b4aa567f1 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n 36da85c76eddf95feeb3f4b792528483 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.x86_64.rpm\n db68f8f239604fb76a0a10c70104ef61 2007.0/x86_64/libopenssl0.9.8-0.9.8b-2.2mdv2007.0.i586.rpm\n 26a4de823aee08e40d28ed7e6ff5b2ff 2007.0/x86_64/libopenssl0.9.8-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n ab949cf85296ceae864f83fbbac2b55a 2007.0/x86_64/libopenssl0.9.8-static-devel-0.9.8b-2.2mdv2007.0.i586.rpm\n e3aebeae455a0820c5f28483bd6d3fa5 2007.0/x86_64/openssl-0.9.8b-2.2mdv2007.0.x86_64.rpm \n 78964615b7bd71028671257640be3bc5 2007.0/SRPMS/openssl-0.9.8b-2.2mdv2007.0.src.rpm\n\n Corporate 3.0:\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 1e7834f6f0fe000f8f00ff49ee6f7ea0 corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.C30mdk.i586.rpm\n 6c86220445ef34c2dadadc3e00701885 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.i586.rpm\n c25c4042a91b6e7bf9aae1aa2fea32a5 corporate/3.0/i586/openssl-0.9.7c-3.7.C30mdk.i586.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 52dfd4d10e00c9bd0944e4486190de93 corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.7.C30mdk.x86_64.rpm\n 258a19afc44dadfaa00d0ebd8b3c0df4 corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n cd5cc151e476552be549c6a37b8a71ea corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.7.C30mdk.x86_64.rpm\n 7f60837e42b45ce50f365ec1372d6aeb corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.7.C30mdk.i586.rpm\n 492fcc0df9172557a3297d0082321d4d corporate/3.0/x86_64/openssl-0.9.7c-3.7.C30mdk.x86_64.rpm \n 2c47b1604aa89033799b1ead4bcebe01 corporate/3.0/SRPMS/openssl-0.9.7c-3.7.C30mdk.src.rpm\n\n Corporate 4.0:\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n daa6c3473f59405778dedd02de73fcc9 corporate/4.0/i586/openssl-0.9.7g-2.5.20060mlcs4.i586.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b5ae71aacd5b99be9e9327d58da29230 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 89296e03778a198940c1c413e44b9f45 corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n cb17a0d801c1181ab380472b8ffb085e corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.x86_64.rpm\n 76b3078e53be2ddc019bee74ccb1f39e corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.5.20060mlcs4.i586.rpm\n 0aa4ca3b0d2925255650fb90132d7aad corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 86dc91f1701293f3319a833746bbe421 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.5.20060mlcs4.i586.rpm\n 8d9a55afdc6d930916bac00fd4c4739b corporate/4.0/x86_64/openssl-0.9.7g-2.5.20060mlcs4.x86_64.rpm \n a8d2a946d266a94c6d46537ad78b18fa corporate/4.0/SRPMS/openssl-0.9.7g-2.5.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n cd7ad7e95ce17995dfa8129ebe517049 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.7.M20mdk.i586.rpm\n 11771240baebdc6687af70a8a0f2ffd2 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 8f672bc81b9528598a8560d876612bfa mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.7.M20mdk.i586.rpm\n 214f857a36e5c3e600671b7291cd08ae mnf/2.0/i586/openssl-0.9.7c-3.7.M20mdk.i586.rpm \n bbb299fd643ccbfbdc1a48b12c7005ce mnf/2.0/SRPMS/openssl-0.9.7c-3.7.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFIU7bmqjQ0CJFipgRAuYAAKCZlwMqJzrVCpKYdEqs+UiyM6WrSQCfeIv3\nmAaLoEPfjUca1TR98vgpZUU=\n=Ff9O\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~ VMware Security Advisory\n\nAdvisory ID: VMSA-2008-0005\nSynopsis: Updated VMware Workstation, VMware Player, VMware\n~ Server, VMware ACE, and VMware Fusion resolve\n~ critical security issues\nIssue date: 2008-03-17\nUpdated on: 2008-03-17 (initial release of advisory)\nCVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~ CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. Summary:\n\n~ Several critical security vulnerabilities have been addressed\n~ in the newest releases of VMware\u0027s hosted product line. \n\n2. Relevant releases:\n\n~ VMware Workstation 6.0.2 and earlier\n~ VMware Workstation 5.5.4 and earlier\n~ VMware Player 2.0.2 and earlier\n~ VMware Player 1.0.4 and earlier\n~ VMware ACE 2.0.2 and earlier\n~ VMware ACE 1.0.2 and earlier\n~ VMware Server 1.0.4 and earlier\n~ VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a. Host to guest shared folder (HGFS) traversal vulnerability\n\n~ On Windows hosts, if you have configured a VMware host to guest\n~ shared folder (HGFS), it is possible for a program running in the\n~ guest to gain access to the host\u0027s file system and create or modify\n~ executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~ guest shared folders. No versions of ESX Server, including\n~ ESX Server 3i, are affected by this vulnerability. Because\n~ ESX Server is based on a bare-metal hypervisor architecture\n~ and not a hosted architecture, and it doesn\u0027t include any\n~ shared folder abilities. Fusion and Linux based hosted\n~ products are unaffected. \n\n~ VMware would like to thank CORE Security Technologies for\n~ working with us on this issue. This addresses advisory\n~ CORE-2007-0930. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2008-0923 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b. Insecure named pipes\n\n~ An internal security audit determined that a malicious Windows\n~ user could attain and exploit LocalSystem privileges by causing\n~ the authd process to connect to a named pipe that is opened and\n~ controlled by the malicious user. \n\n~ The same internal security audit determined that a malicious\n~ Windows user could exploit an insecurely created named pipe\n~ object to escalate privileges or create a denial of service\n~ attack. In this situation, the malicious user could\n~ successfully impersonate authd and attain privileges under\n~ which Authd is executing. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~ issues. \n\n~ Windows Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c. Updated libpng library to version 1.2.22 to address various\n~ security vulnerabilities\n\n~ Several flaws were discovered in the way libpng handled various PNG\n~ image chunks. An attacker could create a carefully crafted PNG\n~ image file in such a way that it could cause an application linked\n~ with libpng to crash when the file was manipulated. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ has assigned the name CVE-2007-5269 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ d. Updated OpenSSL library to address various security vulnerabilities\n\n~ Updated OpenSSL fixes several security flaws were discovered\n~ in previous versions of OpenSSL. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the following names to these issues: CVE-2006-2940,\n~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion is not affected by this issue. \n\n~ e. VIX API default setting changed to a more secure default value\n\n~ Workstation 6.0.2 allowed anonymous console access to the guest by\n~ means of the VIX API. This release, Workstation 6.0.3, disables\n~ this feature. This means that the Eclipse Integrated Virtual\n~ Debugger and the Visual Studio Integrated Virtual Debugger will now\n~ prompt for user account credentials to access a guest. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f. Windows 2000 based hosted products privilege escalation\n~ vulnerability\n\n~ This release addresses a potential privilege escalation on\n~ Windows 2000 hosted products. Certain services may be improperly\n~ registered and present a security vulnerability to Windows 2000\n~ machines. \n\n~ VMware would like to thank Ray Hicken for reporting this issue and\n~ David Maciejak for originally pointing out these types of\n~ vulnerabilities. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2007-5618 to this issue. \n\n~ Windows versions of Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ NOTE: Fusion and Linux based products are not affected by this\n~ issue. \n\n~ g. DHCP denial of service vulnerability\n\n~ A potential denial of service issue affects DHCP service running\n~ on the host. \n\n~ VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1364 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~ NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~ Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h. Local Privilege Escalation on Windows based platforms by\n~ Hijacking VMware VMX configuration file\n\n~ VMware uses a configuration file named \"config.ini\" which\n~ is located in the application data directory of all users. \n~ By manipulating this file, a user could gain elevated\n~ privileges by hijacking the VMware VMX process. \n\n~ VMware would like to thank Sun Bing for reporting the issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1363 to this issue. \n\n~ Windows based Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404)\n~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i. Virtual Machine Communication Interface (VMCI) memory corruption\n~ resulting in denial of service\n\n~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~ and VMware ACE 2.0. It is an experimental, optional feature and\n~ it may be possible to crash the host system by making specially\n~ crafted calls to the VMCI interface. This may result in denial\n~ of service via memory exhaustion and memory corruption. \n\n~ VMware would like to thank Andrew Honig of the Department of\n~ Defense for reporting this issue. \n\n~ The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~ assigned the name CVE-2008-1340 to this issue. \n\n~ Hosted products\n~ ---------------\n~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004)\n~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~ VMware Workstation 6.0.3\n~ ------------------------\n~ http://www.vmware.com/download/ws/\n~ Release notes:\n~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~ Windows binary\n~ md5sum: 323f054957066fae07735160b73b91e5\n~ RPM Installation file for 32-bit Linux\n~ md5sum: c44183ad11082f05593359efd220944e\n~ tar Installation file for 32-bit Linux\n~ md5sum: 57601f238106cb12c1dea303ad1b4820\n~ RPM Installation file for 64-bit Linux\n~ md5sum: e9ba644be4e39556724fa2901c5e94e9\n~ tar Installation file for 64-bit Linux\n~ md5sum: d8d423a76f99a94f598077d41685e9a9\n\n~ VMware Workstation 5.5.5\n~ ------------------------\n~ http://www.vmware.com/download/ws/ws5.html\n~ Release notes:\n~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~ Windows binary\n~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~ Compressed Tar archive for 32-bit Linux\n~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb\n~ Linux RPM version for 32-bit Linux\n~ md5sum: c222b6db934deb9c1bb79b16b25a3202\n\n~ VMware Server 1.0.5\n~ -------------------\n~ http://www.vmware.com/download/server/\n~ Release notes:\n~ http://www.vmware.com/support/server/doc/releasenotes_server.html\n~ VMware Server for Windows 32-bit and 64-bit\n~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc\n~ VMware Server Windows client package\n~ md5sum: cb3dd2439203dc510f4d95f06ba59d21\n~ VMware Server for Linux\n~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e\n~ VMware Server for Linux rpm\n~ md5sum: fc3b81ed18b53eda943a992971e9f84a\n~ Management Interface\n~ md5sum: dd10d25895d9994bd27ca896152f48ef\n~ VMware Server Linux client package\n~ md5sum: aae18f1f7b8811b5499e3a358754d4f8\n\n~ VMware ACE 2.0.3 and 1.0.5\n~ --------------------------\n~ http://www.vmware.com/download/ace/\n~ Windows Release notes:\n~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~ VMware Fusion 1.1.1\n~ -------------------\n~ http://www.vmware.com/download/fusion/\n~ Release notes:\n~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0\n\n~ VMware Player 2.0.3 and 1.0.6\n~ ----------------------\n~ http://www.vmware.com/download/player/\n~ Release notes Player 1.x:\n~ http://www.vmware.com/support/player/doc/releasenotes_player.html\n~ Release notes Player 2.0\n~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~ 2.0.3 Windows binary\n~ md5sum: 0c5009d3b569687ae139e13d24c868d3\n~ VMware Player 2.0.3 for Linux (.rpm)\n~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2\n~ VMware Player 2.0.3 for Linux (.tar)\n~ md5sum: 2305fcff49bef6e4ad83742412eac978\n~ VMware Player 2.0.3 - 64-bit (.rpm)\n~ md5sum: cf945b571c4d96146ede010286fdfca5\n~ VMware Player 2.0.3 - 64-bit (.tar)\n~ md5sum: f99c5b293eb87c5f918ad24111565b9f\n~ 1.0.6 Windows binary\n~ md5sum: 895081406c4de5361a1700ec0473e49c\n~ Player 1.0.6 for Linux (.rpm)\n~ md5sum: 8adb23799dd2014be0b6d77243c76942\n~ Player 1.0.6 for Linux (.tar)\n~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~ CVE numbers\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~ * security-announce@lists.vmware.com\n~ * bugtraq@securityfocus.com\n~ * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02824490\nVersion: 1\n\nHPSBOV02683 SSRT090208 rev.1 - HP Secure Web Server (SWS) for OpenVMS running Apache/PHP, Remote Denial of Service (DoS), Unauthorized Access, Unauthorized Disclosure of Information, Unauthorized Modification\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2011-05-05\nLast Updated: 2011-05-05\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, unauthorized modification\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. \n\nReferences: CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Secure Web Server (SWS) for OpenVMS (based on Apache) V2.1-1 and earlier. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2002-0839 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2002-0840 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\nCVE-2003-0542 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 7.2\nCVE-2004-0492 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2005-2491 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2005-3352 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2005-3357 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4\nCVE-2006-2937 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-2940 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8\nCVE-2006-3738 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2006-3747 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2006-3918 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2006-4339 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2006-4343 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3\nCVE-2007-5000 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2007-6388 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2008-0005 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3\nCVE-2009-1891 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 7.1\nCVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3291 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3292 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2009-3555 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8\nCVE-2010-0010 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has made the following software updates available to resolve these vulnerabilities. \n\nKit Name\n Location\n\nHP SWS V2.2 for OpenVMS Alpha and OpenVMS Integrity servers. \n http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html\n\nCSWS_PHP V2.2\n http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html\n\nHISTORY\nVersion:1 (rev.1) - 5 May 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2011 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \nHP System Management Homepage (SMH) versions prior to 2.1.7 running on Linux and Windows. \n\nBACKGROUND\n\n\nRESOLUTION\nHP has provided System Management Homepage (SMH) version 2.1.7 or subsequent for each platform to resolve this issue. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: OpenSSL: Multiple vulnerabilities\n Date: October 24, 2006\n Bugs: #145510\n ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n [ 1 ] CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n [ 2 ] CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n [ 3 ] CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n [ 4 ] CVE-2006-4343\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. (This issue did not affect\nOpenSSL versions prior to 0.9.7)\n\n2. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project. An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n - in the 0.9.7 branch, version 0.9.7l (or later);\n - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n o https://www.openssl.org/source/\n o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n o openssl-0.9.8d.tar.gz\n MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n o openssl-0.9.7l.tar.gz\n MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n \nThe checksums were calculated using the following commands:\n\n openssl md5 openssl-0.9*.tar.gz\n openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. Incorrect permissions on SSL key files generated by vmware-config\n(CVE-2006-3589):\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with the configuration program\n vmware-config which could set incorrect permissions on SSL key\n files. Local users may be able to obtain access to the SSL key\n files. \n\n (CVE-2006-2940) OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d,\n and earlier versions allows attackers to cause a denial of service\n (CPU consumption) via parasitic public keys with large (1) \"public\n exponent\" or (2) \"public modulus\" values in X.509 certificates that\n require extra time to process when using RSA signature verification. \n\n (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n padding before generating a hash, which allows remote attackers to\n forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n prevents OpenSSL from correctly verifying X.509 and other\n certificates that use PKCS #1. Updated OpenSSH package addresses the following possible security issues:\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by Patch ESX-3069097\n ESX 2.5.4: does not have these problems\n ESX 2.5.3: does not have these problems\n ESX 2.1.3: does not have these problems\n ESX 2.0.2: does not have these problems\n\n (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n other versions, when using privilege separation, does not properly\n signal the non-privileged process when a session has been terminated\n after exceeding the LoginGraceTime setting, which leaves the\n connection open and allows remote attackers to cause a denial of\n service (connection consumption). \n\n (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n arbitrary commands via filenames that contain shell metacharacters\n or spaces, which are expanded twice. \n\n (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n access by numeric IP addresses and with VerifyReverseMapping\n disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n address restrictions by connecting to a host from a system whose\n reverse DNS hostname contains the numeric IP address. \n\n NOTE: ESX by default disables version 1 SSH protocol. \n\n NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n Separation Monitor in OpenSSH before 4.5 causes weaker verification\n that authentication has been successful, which might allow attackers\n to bypass authentication. \n\n NOTE: as of 20061108, it is believed that this issue is only\n exploitable by leveraging vulnerabilities in the unprivileged\n process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n ESX 3.0.1: does not have this problem\n ESX 3.0.0: does not have this problem\n ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n A possible security issue with virtual disk (.vmdk or .dsk) files\n that are newly created, but contain blocks from recently deleted\n virtual disk files. Information belonging to the previously\n deleted virtual disk files could be revealed in newly created\n virtual disk files. \n\n VMware recommends the following workaround: When creating new\n virtual machines on an ESX Server that may contain sensitive\n data, use vmkfstools with the -W option. This initializes the\n virtual disk with zeros. NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n ESX 3.0.1: corrected by Patch ESX-9986131\n ESX 3.0.0: corrected by ESX-3069097\n ESX 2.5.4: does not have this problem\n ESX 2.5.3: does not have this problem\n ESX 2.1.3: does not have this problem\n ESX 2.0.2: does not have this problem\n\n A possible security issue with how the Python function repr()\n function handles UTF-32/UCS-4 strings. \n\n ESX 3.0.1\n http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n md5usm: 239375e107fd4c7af57663f023863fcb\n\n ESX 3.0.0\n http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n md5sum: ca9947239fffda708f2c94f519df33dc\n\n ESX 2.5.4\n http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n md5sum: 239375e107fd4c7af57663f023863fcb\n\n ESX 2.5.3\n http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n ESX 2.1.3\n http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n ESX 2.0.2\n http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL: http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2937"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "PACKETSTORM",
"id": "53566"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-2937",
"trust": 3.7
},
{
"db": "SECUNIA",
"id": "23280",
"trust": 3.4
},
{
"db": "SECUNIA",
"id": "23309",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#247744",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22259",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22094",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "22130",
"trust": 2.6
},
{
"db": "BID",
"id": "22083",
"trust": 2.4
},
{
"db": "BID",
"id": "20248",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "23155",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23340",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22671",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23351",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22385",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "23131",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22544",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22207",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22212",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22116",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22216",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22220",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22330",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22240",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22260",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22165",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22166",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22172",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22284",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22186",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "22193",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016943",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA06-333A",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2006-3902",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4036",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4329",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4750",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-1401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3860",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4019",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4327",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3936",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2783",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4401",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4980",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-0343",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3820",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4264",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4761",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2007-2315",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-3869",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2006-4417",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-2396",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2008-0905",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31492",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22626",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22772",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22298",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23680",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "26329",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24950",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "25889",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22460",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23038",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "31531",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22487",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "30124",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "24930",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22799",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "22758",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "23915",
"trust": 1.0
},
{
"db": "BID",
"id": "28276",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "29260",
"trust": 1.0
},
{
"db": "BID",
"id": "20246",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#386964",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "21709",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#845620",
"trust": 0.8
},
{
"db": "BID",
"id": "20249",
"trust": 0.8
},
{
"db": "XF",
"id": "29237",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#547300",
"trust": 0.8
},
{
"db": "USCERT",
"id": "SA06-333A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2022.0696",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "50595",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50543",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "53566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64684",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "101257",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58346",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "51324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169663",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"id": "VAR-200110-0282",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.251886895
},
"last_update_date": "2024-11-07T19:56:52.213000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00805100"
},
{
"title": "HPSBUX02174",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02174.html"
},
{
"title": "BIND 9: OpenSSL Vulnerabilities",
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20061103-00745.html"
},
{
"title": "openssl (V4.0)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=459"
},
{
"title": "secadv_20060928",
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2006-0695.html"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"title": "102759",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
},
{
"title": "102747",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-3"
},
{
"title": "readme_iwss11_sol_patch7_b1182",
"trust": 0.8,
"url": "http://www.trendmicro.com/ftp/jp/ucmodule/iwss/sol/11/readme_iwss11_sol_patch7_b1182.txt"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-33.txt"
},
{
"title": "RHSA-2006:0695",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0695J.html"
},
{
"title": "TLSA-2006-33",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-33j.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.openssl.org/news/secadv_20060928.txt"
},
{
"trust": 2.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23280/"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/23309/"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/22083"
},
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/247744"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/20248"
},
{
"trust": 1.8,
"url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
},
{
"trust": 1.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
},
{
"trust": 1.3,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
},
{
"trust": 1.3,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
},
{
"trust": 1.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 1.2,
"url": "http://issues.rpath.com/browse/rpl-613"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
},
{
"trust": 1.0,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
},
{
"trust": 1.0,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
},
{
"trust": 1.0,
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"trust": 1.0,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
},
{
"trust": 1.0,
"url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
},
{
"trust": 1.0,
"url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
},
{
"trust": 1.0,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
},
{
"trust": 1.0,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
},
{
"trust": 1.0,
"url": "http://openbsd.org/errata.html#openssl2"
},
{
"trust": 1.0,
"url": "http://openvpn.net/changelog.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22094"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22116"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22130"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22165"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22166"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22172"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22186"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22193"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22207"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22212"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22216"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22220"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22240"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22259"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22260"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22284"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22298"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22330"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22385"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22460"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22487"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22544"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22626"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22671"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22758"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22772"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/22799"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23038"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23131"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23155"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23280"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23309"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23340"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23351"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23680"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/23915"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24930"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/24950"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/25889"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/26329"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/30124"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31492"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/31531"
},
{
"trust": 1.0,
"url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
},
{
"trust": 1.0,
"url": "http://securitytracker.com/id?1016943"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
},
{
"trust": 1.0,
"url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
},
{
"trust": 1.0,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
},
{
"trust": 1.0,
"url": "http://support.attachmate.com/techdocs/2374.html"
},
{
"trust": 1.0,
"url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 1.0,
"url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2006/dsa-1185"
},
{
"trust": 1.0,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
},
{
"trust": 1.0,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
},
{
"trust": 1.0,
"url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
},
{
"trust": 1.0,
"url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/29260"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
},
{
"trust": 1.0,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/28276"
},
{
"trust": 1.0,
"url": "http://www.serv-u.com/releasenotes/"
},
{
"trust": 1.0,
"url": "http://www.trustix.org/errata/2006/0054"
},
{
"trust": 1.0,
"url": "http://www.ubuntu.com/usn/usn-353-1"
},
{
"trust": 1.0,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3820"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3860"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3869"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3902"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/3936"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4019"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4036"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4264"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4327"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4329"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4417"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4761"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/4980"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/0343"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2783"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2008/2396"
},
{
"trust": 1.0,
"url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10560"
},
{
"trust": 1.0,
"url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23131/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22544/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22385/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22671/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23155/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23340/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/23351/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20246"
},
{
"trust": 0.8,
"url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
},
{
"trust": 0.8,
"url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060905.txt "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/21709/"
},
{
"trust": 0.8,
"url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc3447.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
},
{
"trust": 0.8,
"url": "https://issues.rpath.com/browse/rpl-613 "
},
{
"trust": 0.8,
"url": "http://www.openssl.org/news/secadv_20060928.txt "
},
{
"trust": 0.8,
"url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
},
{
"trust": 0.8,
"url": "http://openvpn.net/changelog.html "
},
{
"trust": 0.8,
"url": "http://www.serv-u.com/releasenotes/ "
},
{
"trust": 0.8,
"url": "http://openbsd.org/errata.html#openssl2 "
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/20249 "
},
{
"trust": 0.8,
"url": "http://securitytracker.com/id?1016943 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22094 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22165 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22186 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22193 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22207 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22259 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22260 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22166 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22172 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22212 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22240 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22216 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22116 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22220 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22284 "
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22330 "
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/29237 "
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060928-00661.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2006/3820"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta06-333a/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trta06-333a"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2937"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20060928-00661.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/22130/"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa06-333a.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.5,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
},
{
"trust": 0.4,
"url": "http://secunia.com/"
},
{
"trust": 0.4,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
},
{
"trust": 0.3,
"url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
},
{
"trust": 0.3,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
},
{
"trust": 0.3,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
},
{
"trust": 0.3,
"url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
},
{
"trust": 0.3,
"url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
},
{
"trust": 0.3,
"url": "http://www.ingate.com/relnote-452.php"
},
{
"trust": 0.3,
"url": "http://www.cyberguard.info/snapgear/releases.html"
},
{
"trust": 0.3,
"url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
},
{
"trust": 0.3,
"url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
},
{
"trust": 0.3,
"url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
},
{
"trust": 0.3,
"url": "https://www.niscc.gov.uk)."
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
},
{
"trust": 0.2,
"url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3747"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/9986131"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/3069097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ace/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/player/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/ws5.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/fusion/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/ws/"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/download/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0840"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3293"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3292"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3918"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0542"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2002-0839"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws_php.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3357"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3352"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2491"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5000"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
},
{
"trust": 0.1,
"url": "http://h71000.www7.hp.com/openvms/products/ips/apache/csws.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6388"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26977.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26866.html"
},
{
"trust": 0.1,
"url": "http://h18023.www1.hp.com/support/files/server/us/download/26864.html"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/"
},
{
"trust": 0.1,
"url": "https://www.openssl.org/source/mirror.html):"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#247744"
},
{
"db": "CERT/CC",
"id": "VU#386964"
},
{
"db": "CERT/CC",
"id": "VU#845620"
},
{
"db": "CERT/CC",
"id": "VU#547300"
},
{
"db": "BID",
"id": "20248"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"db": "PACKETSTORM",
"id": "50595"
},
{
"db": "PACKETSTORM",
"id": "50543"
},
{
"db": "PACKETSTORM",
"id": "53566"
},
{
"db": "PACKETSTORM",
"id": "64684"
},
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "PACKETSTORM",
"id": "101257"
},
{
"db": "PACKETSTORM",
"id": "58346"
},
{
"db": "PACKETSTORM",
"id": "51324"
},
{
"db": "PACKETSTORM",
"id": "50548"
},
{
"db": "PACKETSTORM",
"id": "169663"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2006-09-11T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2006-09-28T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2006-09-28T00:00:00",
"db": "BID",
"id": "20248"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2006-10-04T20:17:01",
"db": "PACKETSTORM",
"id": "50595"
},
{
"date": "2006-10-04T00:47:19",
"db": "PACKETSTORM",
"id": "50543"
},
{
"date": "2007-01-13T22:56:30",
"db": "PACKETSTORM",
"id": "53566"
},
{
"date": "2008-03-19T02:18:56",
"db": "PACKETSTORM",
"id": "64684"
},
{
"date": "2006-10-04T00:44:50",
"db": "PACKETSTORM",
"id": "50535"
},
{
"date": "2011-05-10T00:45:11",
"db": "PACKETSTORM",
"id": "101257"
},
{
"date": "2007-08-08T07:19:47",
"db": "PACKETSTORM",
"id": "58346"
},
{
"date": "2006-10-25T21:37:36",
"db": "PACKETSTORM",
"id": "51324"
},
{
"date": "2006-10-04T00:46:38",
"db": "PACKETSTORM",
"id": "50548"
},
{
"date": "2006-09-28T12:12:12",
"db": "PACKETSTORM",
"id": "169663"
},
{
"date": "2001-10-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2006-09-28T18:07:00",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#247744"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#386964"
},
{
"date": "2007-02-08T00:00:00",
"db": "CERT/CC",
"id": "VU#845620"
},
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#547300"
},
{
"date": "2015-03-19T08:40:00",
"db": "BID",
"id": "20248"
},
{
"date": "2008-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000592"
},
{
"date": "2022-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-523"
},
{
"date": "2018-10-18T16:43:56.543000",
"db": "NVD",
"id": "CVE-2006-2937"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "50535"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSL may fail to properly parse invalid ASN.1 structures",
"sources": [
{
"db": "CERT/CC",
"id": "VU#247744"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-523"
}
],
"trust": 0.6
}
}
cve-2012-5459
Vulnerability from cvelistv5
Published
2012-11-14 11:00
Modified
2024-08-06 21:05
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/56470 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/87119 | vdb-entry, x_refsource_OSVDB | |
| http://www.vmware.com/security/advisories/VMSA-2012-0015.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79923 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56470",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56470"
},
{
"name": "87119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/87119"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"name": "workstation-dll-code-exec(79923)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a \"system folder.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "56470",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56470"
},
{
"name": "87119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/87119"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"name": "workstation-dll-code-exec(79923)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a \"system folder.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56470"
},
{
"name": "87119",
"refsource": "OSVDB",
"url": "http://osvdb.org/87119"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"name": "workstation-dll-code-exec(79923)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5459",
"datePublished": "2012-11-14T11:00:00",
"dateReserved": "2012-10-24T00:00:00",
"dateUpdated": "2024-08-06T21:05:47.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1205
Vulnerability from cvelistv5
Published
2010-06-30 18:00
Modified
2024-08-07 01:14
Severity ?
EPSS score ?
Summary
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"name": "ADV-2010-1877",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"name": "ADV-2010-3045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "libpng-rowdata-bo(59815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"name": "oval:org.mitre.oval:def:11851",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851"
},
{
"name": "ADV-2010-1837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"name": "ADV-2010-1755",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"name": "ADV-2010-3046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "40472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"name": "40302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40302"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "40336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40336"
},
{
"name": "41574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41574"
},
{
"name": "USN-960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blackberry.com/btsc/KB27244"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "APPLE-SA-2011-03-02-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name": "42317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42317"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "FEDORA-2010-10823",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"name": "DSA-2072",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "40547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40547"
},
{
"name": "42314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42314"
},
{
"name": "ADV-2010-1637",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"name": "SUSE-SR:2010:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "APPLE-SA-2011-03-09-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name": "SSA:2010-180-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"name": "FEDORA-2010-10833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "ADV-2010-2491",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://trac.webkit.org/changeset/61816"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"name": "ADV-2010-1846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"name": "APPLE-SA-2010-11-22-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "ADV-2010-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2010:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"name": "ADV-2010-1877",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"name": "ADV-2010-3045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "libpng-rowdata-bo(59815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"name": "oval:org.mitre.oval:def:11851",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851"
},
{
"name": "ADV-2010-1837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"name": "ADV-2010-1755",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"name": "ADV-2010-3046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "40472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"name": "40302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40302"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "40336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40336"
},
{
"name": "41574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41574"
},
{
"name": "USN-960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blackberry.com/btsc/KB27244"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"name": "APPLE-SA-2010-08-24-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "APPLE-SA-2011-03-02-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name": "42317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42317"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "FEDORA-2010-10823",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"name": "DSA-2072",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "40547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40547"
},
{
"name": "42314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42314"
},
{
"name": "ADV-2010-1637",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"name": "SUSE-SR:2010:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "APPLE-SA-2011-03-09-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name": "SSA:2010-180-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"name": "FEDORA-2010-10833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "ADV-2010-2491",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://trac.webkit.org/changeset/61816"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"name": "ADV-2010-1846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"name": "APPLE-SA-2010-11-22-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "ADV-2010-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:133",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41174"
},
{
"name": "ADV-2010-1877",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"name": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"name": "ADV-2010-3045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "libpng-rowdata-bo(59815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"name": "oval:org.mitre.oval:def:11851",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851"
},
{
"name": "ADV-2010-1837",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"name": "http://support.apple.com/kb/HT4457",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4457"
},
{
"name": "ADV-2010-1755",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"name": "ADV-2010-3046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "40472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40472"
},
{
"name": "http://support.apple.com/kb/HT4566",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4566"
},
{
"name": "40302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40302"
},
{
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "40336",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40336"
},
{
"name": "41574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41574"
},
{
"name": "USN-960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"name": "http://blackberry.com/btsc/KB27244",
"refsource": "CONFIRM",
"url": "http://blackberry.com/btsc/KB27244"
},
{
"name": "http://www.libpng.org/pub/png/libpng.html",
"refsource": "CONFIRM",
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"name": "APPLE-SA-2010-08-24-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"name": "APPLE-SA-2011-03-02-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name": "42317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42317"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "FEDORA-2010-10823",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"name": "DSA-2072",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"name": "http://support.apple.com/kb/HT4312",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4312"
},
{
"name": "40547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40547"
},
{
"name": "42314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42314"
},
{
"name": "ADV-2010-1637",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"name": "http://support.apple.com/kb/HT4554",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4554"
},
{
"name": "SUSE-SR:2010:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "APPLE-SA-2011-03-09-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name": "SSA:2010-180-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"name": "FEDORA-2010-10833",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"name": "https://bugs.webkit.org/show_bug.cgi?id=40798",
"refsource": "CONFIRM",
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "ADV-2010-2491",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"name": "http://trac.webkit.org/changeset/61816",
"refsource": "CONFIRM",
"url": "http://trac.webkit.org/changeset/61816"
},
{
"name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18",
"refsource": "CONFIRM",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=45983",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"name": "ADV-2010-1846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=608238",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "ADV-2010-1612",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1612"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1205",
"datePublished": "2010-06-30T18:00:00",
"dateReserved": "2010-03-30T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6933
Vulnerability from cvelistv5
Published
2016-01-09 02:00
Modified
2024-08-06 07:36
Severity ?
EPSS score ?
Summary
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1034604 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1034603 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2016-0001.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:36:34.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034604"
},
{
"name": "1034603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034603"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1034604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034604"
},
{
"name": "1034603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034603"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034604",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034604"
},
{
"name": "1034603",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034603"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6933",
"datePublished": "2016-01-09T02:00:00",
"dateReserved": "2015-09-14T00:00:00",
"dateUpdated": "2024-08-06T07:36:34.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0062
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "1018717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27694"
},
{
"name": "31396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31396"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"
},
{
"name": "dhcp-param-overflow(33102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"
},
{
"name": "GLSA-200808-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"
},
{
"name": "MDVSA-2009:153",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "SUSE-SR:2009:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "34263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "1018717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27694"
},
{
"name": "31396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31396"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"
},
{
"name": "dhcp-param-overflow(33102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"
},
{
"name": "GLSA-200808-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"
},
{
"name": "MDVSA-2009:153",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "SUSE-SR:2009:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "34263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"
},
{
"name": "USN-543-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "1018717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27694"
},
{
"name": "31396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31396"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"refsource": "ISS",
"url": "http://www.iss.net/threats/275.html"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0041",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"
},
{
"name": "dhcp-param-overflow(33102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=339561",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"
},
{
"name": "GLSA-200808-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"
},
{
"name": "MDVSA-2009:153",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "SUSE-SR:2009:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "34263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34263"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=227135",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0062",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4496
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27694"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "25728",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25728"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018718"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27694"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "25728",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25728"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018718"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27694"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "25728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25728"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018718"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4496",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-08-22T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3892
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:53
Severity ?
EPSS score ?
Summary
Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "6345",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6345"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "vmware-comapi-guestinfo-bo(43062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "29503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29503"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "6345",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6345"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "vmware-comapi-guestinfo-bo(43062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "29503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29503"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "6345",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6345"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "vmware-comapi-guestinfo-bo(43062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "29503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29503"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "MISC",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3892",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-09-03T00:00:00",
"dateUpdated": "2024-08-07T09:53:00.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0061
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "1018717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27694"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "dhcp-malformed-packet-bo(33101)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33101"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers \"corrupt stack memory.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "1018717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27694"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "dhcp-malformed-packet-bo(33101)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33101"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers \"corrupt stack memory.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "1018717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27694"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"refsource": "ISS",
"url": "http://www.iss.net/threats/275.html"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "dhcp-malformed-packet-bo(33101)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33101"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0061",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1043
Vulnerability from cvelistv5
Published
2015-01-29 18:00
Modified
2024-08-06 04:33
Severity ?
EPSS score ?
Summary
The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2015-0001.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1031644 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/100934 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/62551 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/72337 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:19.360Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "1031644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031644"
},
{
"name": "vmware-cve20151043-dos(100934)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100934"
},
{
"name": "62551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62551"
},
{
"name": "72337",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72337"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "1031644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031644"
},
{
"name": "vmware-cve20151043-dos(100934)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100934"
},
{
"name": "62551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62551"
},
{
"name": "72337",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72337"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "1031644",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031644"
},
{
"name": "vmware-cve20151043-dos(100934)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100934"
},
{
"name": "62551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62551"
},
{
"name": "72337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72337"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1043",
"datePublished": "2015-01-29T18:00:00",
"dateReserved": "2015-01-12T00:00:00",
"dateUpdated": "2024-08-06T04:33:19.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4279
Vulnerability from cvelistv5
Published
2008-10-06 18:00
Modified
2024-08-07 10:08
Severity ?
EPSS score ?
Summary
The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32157",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32157"
},
{
"name": "20081004 VMware Emulation Flaw x64 Guest Privilege Escalation (1/2)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "vmware-esxesxi-jump-privilege-escalation(45668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45668"
},
{
"name": "31569",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31569"
},
{
"name": "1020991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020991"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:5929",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32157",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32157"
},
{
"name": "20081004 VMware Emulation Flaw x64 Guest Privilege Escalation (1/2)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html"
},
{
"name": "32179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "32180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "vmware-esxesxi-jump-privilege-escalation(45668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45668"
},
{
"name": "31569",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31569"
},
{
"name": "1020991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020991"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:5929",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4279",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"name": "32157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32157"
},
{
"name": "20081004 VMware Emulation Flaw x64 Guest Privilege Escalation (1/2)",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html"
},
{
"name": "32179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32179"
},
{
"name": "ADV-2008-2740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"name": "32180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32180"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"name": "vmware-esxesxi-jump-privilege-escalation(45668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45668"
},
{
"name": "31569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31569"
},
{
"name": "1020991",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020991"
},
{
"name": "20081004 VMSA-2008-0016 VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:5929",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4279",
"datePublished": "2008-10-06T18:00:00",
"dateReserved": "2008-09-26T00:00:00",
"dateUpdated": "2024-08-07T10:08:34.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2249
Vulnerability from cvelistv5
Published
2010-06-30 18:00
Modified
2024-08-07 02:25
Severity ?
EPSS score ?
Summary
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:25:07.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"name": "MDVSA-2010:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"name": "ADV-2010-1877",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"name": "ADV-2010-3045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-1837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"name": "ADV-2010-1755",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"name": "ADV-2010-3046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "40472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"name": "40302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40302"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "40336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40336"
},
{
"name": "libpng-scal-dos(59816)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
},
{
"name": "41574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41574"
},
{
"name": "USN-960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"name": "APPLE-SA-2011-03-02-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name": "42317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42317"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "FEDORA-2010-10823",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"name": "DSA-2072",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"name": "40547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40547"
},
{
"name": "42314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42314"
},
{
"name": "ADV-2010-1637",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"name": "SUSE-SR:2010:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "APPLE-SA-2011-03-09-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name": "SSA:2010-180-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"name": "FEDORA-2010-10833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "ADV-2010-2491",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"name": "ADV-2010-1846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"name": "APPLE-SA-2010-11-22-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "ADV-2010-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"name": "MDVSA-2010:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"name": "ADV-2010-1877",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"name": "ADV-2010-3045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"name": "1024723",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"name": "ADV-2010-1837",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"name": "ADV-2010-1755",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"name": "ADV-2010-3046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"name": "40472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"name": "40302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40302"
},
{
"name": "APPLE-SA-2010-11-10-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name": "40336",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40336"
},
{
"name": "libpng-scal-dos(59816)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
},
{
"name": "41574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41574"
},
{
"name": "USN-960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"name": "APPLE-SA-2011-03-02-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"name": "42317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42317"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "FEDORA-2010-10823",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"name": "DSA-2072",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"name": "40547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40547"
},
{
"name": "42314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42314"
},
{
"name": "ADV-2010-1637",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"name": "SUSE-SR:2010:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"name": "APPLE-SA-2011-03-09-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"name": "SSA:2010-180-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"name": "FEDORA-2010-10833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "ADV-2010-2491",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"name": "ADV-2010-1846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"name": "APPLE-SA-2010-11-22-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name": "ADV-2010-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-2249",
"datePublished": "2010-06-30T18:00:00",
"dateReserved": "2010-06-09T00:00:00",
"dateUpdated": "2024-08-07T02:25:07.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1244
Vulnerability from cvelistv5
Published
2009-04-13 16:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49834 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/34471 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1022031 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/53634 | vdb-entry, x_refsource_OSVDB | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vmware.com/security/advisories/VMSA-2009-0006.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2009/0944 | vdb-entry, x_refsource_VUPEN | |
| http://lists.vmware.com/pipermail/security-announce/2009/000055.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/archive/1/502615/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "vmware-virtualmachine-code-execution(49834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49834"
},
{
"name": "34471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34471"
},
{
"name": "1022031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022031"
},
{
"name": "53634",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53634"
},
{
"name": "oval:org.mitre.oval:def:6065",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0006.html"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000055.html"
},
{
"name": "20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502615/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "vmware-virtualmachine-code-execution(49834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49834"
},
{
"name": "34471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34471"
},
{
"name": "1022031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022031"
},
{
"name": "53634",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53634"
},
{
"name": "oval:org.mitre.oval:def:6065",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0006.html"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000055.html"
},
{
"name": "20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502615/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "vmware-virtualmachine-code-execution(49834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49834"
},
{
"name": "34471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34471"
},
{
"name": "1022031",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022031"
},
{
"name": "53634",
"refsource": "OSVDB",
"url": "http://osvdb.org/53634"
},
{
"name": "oval:org.mitre.oval:def:6065",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0006.html"
},
{
"name": "ADV-2009-0944",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000055.html"
},
{
"name": "20090410 VMSA-2009-0006 VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502615/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1244",
"datePublished": "2009-04-13T16:00:00",
"dateReserved": "2009-04-06T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-1208
Vulnerability from cvelistv5
Published
2014-01-17 19:00
Modified
2024-08-06 09:34
Severity ?
EPSS score ?
Summary
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/56499 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vmware.com/security/advisories/VMSA-2014-0001.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/64994 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1029644 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/102197 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id/1029643 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90558 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:34:41.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56499",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56499"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0001.html"
},
{
"name": "64994",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64994"
},
{
"name": "1029644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029644"
},
{
"name": "102197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102197"
},
{
"name": "1029643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029643"
},
{
"name": "vmware-esx-cve20141208-dos(90558)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90558"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "56499",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56499"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0001.html"
},
{
"name": "64994",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64994"
},
{
"name": "1029644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029644"
},
{
"name": "102197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102197"
},
{
"name": "1029643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029643"
},
{
"name": "vmware-esx-cve20141208-dos(90558)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90558"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56499",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56499"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0001.html"
},
{
"name": "64994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64994"
},
{
"name": "1029644",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029644"
},
{
"name": "102197",
"refsource": "OSVDB",
"url": "http://osvdb.org/102197"
},
{
"name": "1029643",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029643"
},
{
"name": "vmware-esx-cve20141208-dos(90558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90558"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1208",
"datePublished": "2014-01-17T19:00:00",
"dateReserved": "2014-01-07T00:00:00",
"dateUpdated": "2024-08-06T09:34:41.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4497
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27694"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "25731",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25731"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018718"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27694"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "25731",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25731"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018718"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27694"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "25731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25731"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018718"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4497",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-08-22T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3696
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3695.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3695."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3695."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020791"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3696",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3288
Vulnerability from cvelistv5
Published
2012-06-14 20:00
Modified
2024-08-06 19:57
Severity ?
EPSS score ?
Summary
VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2012-0011.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
},
{
"name": "oval:org.mitre.oval:def:17178",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
},
{
"name": "oval:org.mitre.oval:def:17178",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
},
{
"name": "oval:org.mitre.oval:def:17178",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3288",
"datePublished": "2012-06-14T20:00:00",
"dateReserved": "2012-06-07T00:00:00",
"dateUpdated": "2024-08-06T19:57:50.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3698
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "30936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30936"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "vmware-openprocess-privilege-escalation(44795)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1020790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020790"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "30936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30936"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "vmware-openprocess-privilege-escalation(44795)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1020790",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020790"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3698",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "30936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30936"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "vmware-openprocess-privilege-escalation(44795)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44795"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1020790",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020790"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3698",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3732
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 06:38
Severity ?
EPSS score ?
Summary
Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/39110 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "39110",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39110"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "39110",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39110"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "39110",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39110"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3732",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2009-10-20T00:00:00",
"dateUpdated": "2024-08-07T06:38:30.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2339
Vulnerability from cvelistv5
Published
2015-06-13 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032529 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75092 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2015-0004.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032530 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:15.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2339",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2339",
"datePublished": "2015-06-13T14:00:00",
"dateReserved": "2015-03-18T00:00:00",
"dateUpdated": "2024-08-06T05:10:15.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3692
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020791"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3692",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3589
Vulnerability from cvelistv5
Published
2006-07-19 23:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.466Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"name": "19060",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19060"
},
{
"name": "23680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23680"
},
{
"name": "21120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21120"
},
{
"name": "1016536",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016536"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"name": "20060718 VMSA-2006-0003 VMware possible incorrect permissions on SSL key files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440583/100/0/threaded"
},
{
"name": "ADV-2006-2880",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2880"
},
{
"name": "19062",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19062"
},
{
"name": "20070110 VMware ESX server security updates",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"name": "27418",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27418"
},
{
"name": "vmware-vmwareconfig-file-permissions(27881)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.vmware.com/kb/2467205"
},
{
"name": "20060725 Advisory: VMware Possible Incorrect Permissions On SSL Key Files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441082/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"name": "19060",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19060"
},
{
"name": "23680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23680"
},
{
"name": "21120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21120"
},
{
"name": "1016536",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016536"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"name": "20060718 VMSA-2006-0003 VMware possible incorrect permissions on SSL key files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440583/100/0/threaded"
},
{
"name": "ADV-2006-2880",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2880"
},
{
"name": "19062",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19062"
},
{
"name": "20070110 VMware ESX server security updates",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"name": "27418",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27418"
},
{
"name": "vmware-vmwareconfig-file-permissions(27881)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.vmware.com/kb/2467205"
},
{
"name": "20060725 Advisory: VMware Possible Incorrect Permissions On SSL Key Files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441082/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"name": "19060",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19060"
},
{
"name": "23680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23680"
},
{
"name": "21120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21120"
},
{
"name": "1016536",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016536"
},
{
"name": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"name": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"name": "20060718 VMSA-2006-0003 VMware possible incorrect permissions on SSL key files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440583/100/0/threaded"
},
{
"name": "ADV-2006-2880",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2880"
},
{
"name": "19062",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19062"
},
{
"name": "20070110 VMware ESX server security updates",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"name": "27418",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27418"
},
{
"name": "vmware-vmwareconfig-file-permissions(27881)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27881"
},
{
"name": "http://kb.vmware.com/kb/2467205",
"refsource": "CONFIRM",
"url": "http://kb.vmware.com/kb/2467205"
},
{
"name": "20060725 Advisory: VMware Possible Incorrect Permissions On SSL Key Files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441082/100/0/threaded"
},
{
"name": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3589",
"datePublished": "2006-07-19T23:00:00",
"dateReserved": "2006-07-13T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1361
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019621"
},
{
"name": "vmware-authd-privilege-escalation(41257)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019621"
},
{
"name": "vmware-authd-privilege-escalation(41257)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019621",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019621"
},
{
"name": "vmware-authd-privilege-escalation(41257)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1361",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0063
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "dhcp-param-underflow(33103)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33103"
},
{
"name": "1018717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27694"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "dhcp-param-underflow(33103)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33103"
},
{
"name": "1018717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27694"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25729"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "USN-543-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"name": "dhcp-param-underflow(33103)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33103"
},
{
"name": "1018717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018717"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "27694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27694"
},
{
"name": "20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities",
"refsource": "ISS",
"url": "http://www.iss.net/threats/275.html"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0063",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1787
Vulnerability from cvelistv5
Published
2011-06-06 19:00
Modified
2024-08-06 22:37
Severity ?
EPSS score ?
Summary
Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/44904 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/48098 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2011-0009.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/44840 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1025601 | vdb-entry, x_refsource_SECTRACK | |
| https://hermes.opensuse.org/messages/8711677 | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44904"
},
{
"name": "48098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48098"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "44840",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-11T23:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "44904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44904"
},
{
"name": "48098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48098"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "44840",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44904"
},
{
"name": "48098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "44840",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/8711677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1787",
"datePublished": "2011-06-06T19:00:00",
"dateReserved": "2011-04-19T00:00:00",
"dateUpdated": "2024-08-06T22:37:25.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-1044
Vulnerability from cvelistv5
Published
2015-01-29 18:00
Modified
2024-08-06 04:33
Severity ?
EPSS score ?
Summary
vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1031645 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/72336 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2015-0001.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/62569 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/100935 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id/1031646 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/62551 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/62669 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:33:20.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1031645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031645"
},
{
"name": "72336",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72336"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "62569",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62569"
},
{
"name": "vmware-cve20151044-dos(100935)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100935"
},
{
"name": "1031646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031646"
},
{
"name": "62551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62551"
},
{
"name": "62669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62669"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1031645",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031645"
},
{
"name": "72336",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72336"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "62569",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62569"
},
{
"name": "vmware-cve20151044-dos(100935)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100935"
},
{
"name": "1031646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031646"
},
{
"name": "62551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62551"
},
{
"name": "62669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62669"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031645",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031645"
},
{
"name": "72336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72336"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "62569",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62569"
},
{
"name": "vmware-cve20151044-dos(100935)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100935"
},
{
"name": "1031646",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031646"
},
{
"name": "62551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62551"
},
{
"name": "62669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62669"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1044",
"datePublished": "2015-01-29T18:00:00",
"dateReserved": "2015-01-12T00:00:00",
"dateUpdated": "2024-08-06T04:33:20.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3289
Vulnerability from cvelistv5
Published
2012-06-14 20:00
Modified
2024-09-16 18:29
Severity ?
EPSS score ?
Summary
VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2012-0011.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-14T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3289",
"datePublished": "2012-06-14T20:00:00Z",
"dateReserved": "2012-06-07T00:00:00Z",
"dateUpdated": "2024-09-16T18:29:08.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1565
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 05:20
Severity ?
EPSS score ?
Summary
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors."
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/36712 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://www.osvdb.org/63615 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/secunia_research/2009-37/ | x_refsource_MISC | |
| http://www.securitytracker.com/id?1023838 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/39364 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/39215 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:33.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "36712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36712"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63615",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/63615"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"name": "1023838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023838"
},
{
"name": "39364",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39364"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to \"integer truncation errors.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "36712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36712"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63615",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/63615"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"name": "1023838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023838"
},
{
"name": "39364",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39364"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-1565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to \"integer truncation errors.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "36712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36712"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63615",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/63615"
},
{
"name": "http://secunia.com/secunia_research/2009-37/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"name": "1023838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023838"
},
{
"name": "39364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39364"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-1565",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2009-05-06T00:00:00",
"dateUpdated": "2024-08-07T05:20:33.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4294
Vulnerability from cvelistv5
Published
2010-12-06 21:00
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted video file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000112.html | mailing-list, x_refsource_MLIST | |
| http://www.vmware.com/security/advisories/VMSA-2010-0018.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/45169 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/514995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/69596 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1024819 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/42482 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/3116 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:14.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45169",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45169"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "69596",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69596"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted video file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45169",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45169"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "69596",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69596"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted video file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45169",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45169"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "69596",
"refsource": "OSVDB",
"url": "http://osvdb.org/69596"
},
{
"name": "1024819",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4294",
"datePublished": "2010-12-06T21:00:00",
"dateReserved": "2010-11-18T00:00:00",
"dateUpdated": "2024-08-07T03:43:14.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4297
Vulnerability from cvelistv5
Published
2010-12-06 21:00
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a "command injection" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000112.html | mailing-list, x_refsource_MLIST | |
| http://osvdb.org/69590 | vdb-entry, x_refsource_OSVDB | |
| http://www.vmware.com/security/advisories/VMSA-2010-0018.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/45166 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/514995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/42480 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1024819 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/42482 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/3116 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1024820 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:14.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "69590",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69590"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45166",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45166"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42480"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a \"command injection\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "69590",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69590"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45166",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45166"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42480",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42480"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a \"command injection\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "69590",
"refsource": "OSVDB",
"url": "http://osvdb.org/69590"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45166",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45166"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42480"
},
{
"name": "1024819",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4297",
"datePublished": "2010-12-06T21:00:00",
"dateReserved": "2010-11-18T00:00:00",
"dateUpdated": "2024-08-07T03:43:14.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2450
Vulnerability from cvelistv5
Published
2012-05-04 16:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75377 | vdb-entry, x_refsource_XF | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vmware.com/security/advisories/VMSA-2012-0009.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/49032 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/53369 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/81695 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1027019 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "esxserver-scsi-priv-esc(75377)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75377"
},
{
"name": "oval:org.mitre.oval:def:16852",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"name": "49032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49032"
},
{
"name": "53369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53369"
},
{
"name": "81695",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81695"
},
{
"name": "1027019",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "esxserver-scsi-priv-esc(75377)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75377"
},
{
"name": "oval:org.mitre.oval:def:16852",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"name": "49032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49032"
},
{
"name": "53369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53369"
},
{
"name": "81695",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81695"
},
{
"name": "1027019",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "esxserver-scsi-priv-esc(75377)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75377"
},
{
"name": "oval:org.mitre.oval:def:16852",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"name": "49032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49032"
},
{
"name": "53369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53369"
},
{
"name": "81695",
"refsource": "OSVDB",
"url": "http://osvdb.org/81695"
},
{
"name": "1027019",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2450",
"datePublished": "2012-05-04T16:00:00",
"dateReserved": "2012-05-01T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3277
Vulnerability from cvelistv5
Published
2010-09-28 17:00
Modified
2024-09-17 03:49
Severity ?
EPSS score ?
Summary
The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2010-0014.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/41574 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000105.html | mailing-list, x_refsource_MLIST | |
| http://www.vupen.com/english/advisories/2010/2491 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1024481 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41574"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "ADV-2010-2491",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"name": "1024481",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024481"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-28T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41574"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "ADV-2010-2491",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"name": "1024481",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024481"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"name": "41574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41574"
},
{
"name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"name": "ADV-2010-2491",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"name": "1024481",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024481"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3277",
"datePublished": "2010-09-28T17:00:00Z",
"dateReserved": "2010-09-09T00:00:00Z",
"dateUpdated": "2024-09-17T03:49:11.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3793
Vulnerability from cvelistv5
Published
2014-05-31 10:00
Modified
2024-08-06 10:57
Severity ?
EPSS score ?
Summary
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2014-0005.html | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html | x_refsource_MISC | |
| http://www.securitytracker.com/id/1030310 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1030311 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/532236/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/58894 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:17.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html"
},
{
"name": "1030310",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030310"
},
{
"name": "1030311",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030311"
},
{
"name": "20140530 NEW VMSA-2014-0005 - VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"name": "58894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58894"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html"
},
{
"name": "1030310",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030310"
},
{
"name": "1030311",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030311"
},
{
"name": "20140530 NEW VMSA-2014-0005 - VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"name": "58894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58894"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0005.html"
},
{
"name": "http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html"
},
{
"name": "1030310",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030310"
},
{
"name": "1030311",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030311"
},
{
"name": "20140530 NEW VMSA-2014-0005 - VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"name": "58894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58894"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3793",
"datePublished": "2014-05-31T10:00:00",
"dateReserved": "2014-05-20T00:00:00",
"dateUpdated": "2024-08-06T10:57:17.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1805
Vulnerability from cvelistv5
Published
2009-06-01 19:00
Modified
2024-08-07 05:27
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/35269 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/35141 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2009-0007.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/archive/1/503912/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2009/1452 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1022300 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35269"
},
{
"name": "35141",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35141"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0007.html"
},
{
"name": "oval:org.mitre.oval:def:6130",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130"
},
{
"name": "20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503912/100/0/threaded"
},
{
"name": "ADV-2009-1452",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1452"
},
{
"name": "1022300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35269"
},
{
"name": "35141",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35141"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0007.html"
},
{
"name": "oval:org.mitre.oval:def:6130",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130"
},
{
"name": "20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503912/100/0/threaded"
},
{
"name": "ADV-2009-1452",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1452"
},
{
"name": "1022300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022300"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35269"
},
{
"name": "35141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35141"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0007.html"
},
{
"name": "oval:org.mitre.oval:def:6130",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130"
},
{
"name": "20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503912/100/0/threaded"
},
{
"name": "ADV-2009-1452",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1452"
},
{
"name": "1022300",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022300"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1805",
"datePublished": "2009-06-01T19:00:00",
"dateReserved": "2009-05-28T00:00:00",
"dateUpdated": "2024-08-07T05:27:54.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5671
Vulnerability from cvelistv5
Published
2008-06-05 20:21
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "oval:org.mitre.oval:def:5688",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "30556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30556"
},
{
"name": "20080604 VMware Tools HGFS Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
},
{
"name": "oval:org.mitre.oval:def:5358",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
},
{
"name": "20080606 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "1020197",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020197"
},
{
"name": "20080605 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
},
{
"name": "3922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3922"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "oval:org.mitre.oval:def:5688",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "30556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30556"
},
{
"name": "20080604 VMware Tools HGFS Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
},
{
"name": "oval:org.mitre.oval:def:5358",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
},
{
"name": "20080606 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "1020197",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020197"
},
{
"name": "20080605 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
},
{
"name": "3922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3922"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5671",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "oval:org.mitre.oval:def:5688",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "30556",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30556"
},
{
"name": "20080604 VMware Tools HGFS Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
},
{
"name": "oval:org.mitre.oval:def:5358",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
},
{
"name": "20080606 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "1020197",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020197"
},
{
"name": "20080605 Re: iDefense Security Advisory 06.04.08: VMware Tools HGFS Local Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
},
{
"name": "3922",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3922"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5671",
"datePublished": "2008-06-05T20:21:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1147
Vulnerability from cvelistv5
Published
2009-04-06 15:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471 | vdb-entry, signature, x_refsource_OVAL | |
| http://seclists.org/fulldisclosure/2009/Apr/0036.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/34373 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2009/0944 | vdb-entry, x_refsource_VUPEN | |
| http://lists.vmware.com/pipermail/security-announce/2009/000054.html | mailing-list, x_refsource_MLIST | |
| http://www.vmware.com/security/advisories/VMSA-2009-0005.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1021976 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5471",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "1021976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021976"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5471",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "1021976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021976"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5471",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "1021976",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021976"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1147",
"datePublished": "2009-04-06T15:00:00",
"dateReserved": "2009-03-25T00:00:00",
"dateUpdated": "2024-08-07T05:04:48.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4915
Vulnerability from cvelistv5
Published
2008-11-10 11:00
Modified
2024-08-07 10:31
Severity ?
EPSS score ?
Summary
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309 | vdb-entry, signature, x_refsource_OVAL | |
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/32168 | vdb-entry, x_refsource_BID | |
| http://lists.vmware.com/pipermail/security-announce/2008/000042.html | mailing-list, x_refsource_MLIST | |
| http://www.securitytracker.com/id?1021154 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/498138/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/32612 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/32624 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46415 | vdb-entry, x_refsource_XF | |
| http://www.vmware.com/security/advisories/VMSA-2008-0018.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/3052 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:31:28.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:6309",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309"
},
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "32168",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32168"
},
{
"name": "[Security-announce] 20081106 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000042.html"
},
{
"name": "1021154",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021154"
},
{
"name": "20081107 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498138/100/0/threaded"
},
{
"name": "32612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32612"
},
{
"name": "32624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32624"
},
{
"name": "vmware-cpuhardware-priv-escalation(46415)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46415"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0018.html"
},
{
"name": "ADV-2008-3052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:6309",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309"
},
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "32168",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32168"
},
{
"name": "[Security-announce] 20081106 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000042.html"
},
{
"name": "1021154",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021154"
},
{
"name": "20081107 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498138/100/0/threaded"
},
{
"name": "32612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32612"
},
{
"name": "32624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32624"
},
{
"name": "vmware-cpuhardware-priv-escalation(46415)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46415"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0018.html"
},
{
"name": "ADV-2008-3052",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:6309",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309"
},
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "32168",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32168"
},
{
"name": "[Security-announce] 20081106 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000042.html"
},
{
"name": "1021154",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021154"
},
{
"name": "20081107 VMSA-2008-0018 VMware Hosted products and patches for ESX and ESXi resolve two security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498138/100/0/threaded"
},
{
"name": "32612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32612"
},
{
"name": "32624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32624"
},
{
"name": "vmware-cpuhardware-priv-escalation(46415)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46415"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0018.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0018.html"
},
{
"name": "ADV-2008-3052",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4915",
"datePublished": "2008-11-10T11:00:00",
"dateReserved": "2008-11-03T00:00:00",
"dateUpdated": "2024-08-07T10:31:28.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4459
Vulnerability from cvelistv5
Published
2005-12-21 20:00
Modified
2024-08-07 23:46
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18344"
},
{
"name": "282",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/282"
},
{
"name": "ADV-2005-3013",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3013"
},
{
"name": "18162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18162"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000"
},
{
"name": "GLSA-200601-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml"
},
{
"name": "15998",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15998"
},
{
"name": "1015401",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015401"
},
{
"name": "20051221 [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 \u003c= build-18007 G SX Server Variants And Others",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html"
},
{
"name": "VU#856689",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/856689"
},
{
"name": "20051221 [Security-Advisories (at) acs-inc (dot) com [email concealed]: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 \u003c= build-18007 G SX Server Variants And Others]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419997/100/0/threaded"
},
{
"name": "20051221 VMware vulnerability in NAT networking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/420017/100/0/threaded"
},
{
"name": "289",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/289"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18344"
},
{
"name": "282",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/282"
},
{
"name": "ADV-2005-3013",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3013"
},
{
"name": "18162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18162"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000"
},
{
"name": "GLSA-200601-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml"
},
{
"name": "15998",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15998"
},
{
"name": "1015401",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015401"
},
{
"name": "20051221 [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 \u003c= build-18007 G SX Server Variants And Others",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html"
},
{
"name": "VU#856689",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/856689"
},
{
"name": "20051221 [Security-Advisories (at) acs-inc (dot) com [email concealed]: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 \u003c= build-18007 G SX Server Variants And Others]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/419997/100/0/threaded"
},
{
"name": "20051221 VMware vulnerability in NAT networking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/420017/100/0/threaded"
},
{
"name": "289",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/289"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18344",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18344"
},
{
"name": "282",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/282"
},
{
"name": "ADV-2005-3013",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3013"
},
{
"name": "18162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18162"
},
{
"name": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000"
},
{
"name": "GLSA-200601-04",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml"
},
{
"name": "15998",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15998"
},
{
"name": "1015401",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015401"
},
{
"name": "20051221 [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 \u003c= build-18007 G SX Server Variants And Others",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html"
},
{
"name": "VU#856689",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/856689"
},
{
"name": "20051221 [Security-Advisories (at) acs-inc (dot) com [email concealed]: [Full-disclosure] [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 \u003c= build-18007 G SX Server Variants And Others]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419997/100/0/threaded"
},
{
"name": "20051221 VMware vulnerability in NAT networking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420017/100/0/threaded"
},
{
"name": "289",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/289"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4459",
"datePublished": "2005-12-21T20:00:00",
"dateReserved": "2005-12-21T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5458
Vulnerability from cvelistv5
Published
2012-11-14 11:00
Modified
2024-08-06 21:05
Severity ?
EPSS score ?
Summary
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79924 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/87118 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/56469 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2012-0015.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "workstation-player-priv-esc(79924)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79924"
},
{
"name": "87118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/87118"
},
{
"name": "56469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "workstation-player-priv-esc(79924)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79924"
},
{
"name": "87118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/87118"
},
{
"name": "56469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "workstation-player-priv-esc(79924)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79924"
},
{
"name": "87118",
"refsource": "OSVDB",
"url": "http://osvdb.org/87118"
},
{
"name": "56469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56469"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5458",
"datePublished": "2012-11-14T11:00:00",
"dateReserved": "2012-10-24T00:00:00",
"dateUpdated": "2024-08-06T21:05:47.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2337
Vulnerability from cvelistv5
Published
2015-06-13 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032529 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75095 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2015-0004.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032530 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:16.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75095",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75095"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75095",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75095"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75095"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2337",
"datePublished": "2015-06-13T14:00:00",
"dateReserved": "2015-03-18T00:00:00",
"dateUpdated": "2024-08-06T05:10:16.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4295
Vulnerability from cvelistv5
Published
2010-12-06 21:00
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000112.html | mailing-list, x_refsource_MLIST | |
| http://osvdb.org/69585 | vdb-entry, x_refsource_OSVDB | |
| http://www.vmware.com/security/advisories/VMSA-2010-0018.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/45167 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/514995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/42453 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1024819 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/42482 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/3116 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1024820 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:13.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "69585",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69585"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45167",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45167"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42453"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "69585",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69585"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45167",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45167"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42453"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "69585",
"refsource": "OSVDB",
"url": "http://osvdb.org/69585"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45167",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45167"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42453"
},
{
"name": "1024819",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4295",
"datePublished": "2010-12-06T21:00:00",
"dateReserved": "2010-11-18T00:00:00",
"dateUpdated": "2024-08-07T03:43:13.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8370
Vulnerability from cvelistv5
Published
2015-01-29 18:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN88252465/index.html | third-party-advisory, x_refsource_JVN | |
| http://www.securitytracker.com/id/1031642 | vdb-entry, x_refsource_SECTRACK | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007 | third-party-advisory, x_refsource_JVNDB | |
| http://www.vmware.com/security/advisories/VMSA-2015-0001.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/62605 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/72338 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/100933 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/62551 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id/1031643 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/62669 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:18:47.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#88252465",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN88252465/index.html"
},
{
"name": "1031642",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031642"
},
{
"name": "JVNDB-2015-000007",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "62605",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62605"
},
{
"name": "72338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72338"
},
{
"name": "vmware-cve20148370-priv-esc(100933)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100933"
},
{
"name": "62551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62551"
},
{
"name": "1031643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031643"
},
{
"name": "62669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62669"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#88252465",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN88252465/index.html"
},
{
"name": "1031642",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031642"
},
{
"name": "JVNDB-2015-000007",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "62605",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62605"
},
{
"name": "72338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72338"
},
{
"name": "vmware-cve20148370-priv-esc(100933)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100933"
},
{
"name": "62551",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62551"
},
{
"name": "1031643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031643"
},
{
"name": "62669",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62669"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#88252465",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN88252465/index.html"
},
{
"name": "1031642",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031642"
},
{
"name": "JVNDB-2015-000007",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"name": "62605",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62605"
},
{
"name": "72338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72338"
},
{
"name": "vmware-cve20148370-priv-esc(100933)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100933"
},
{
"name": "62551",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62551"
},
{
"name": "1031643",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031643"
},
{
"name": "62669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62669"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8370",
"datePublished": "2015-01-29T18:00:00",
"dateReserved": "2014-10-21T00:00:00",
"dateUpdated": "2024-08-06T13:18:47.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1146
Vulnerability from cvelistv5
Published
2009-04-06 15:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2009/Apr/0036.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/34373 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vupen.com/english/advisories/2009/0944 | vdb-entry, x_refsource_VUPEN | |
| http://lists.vmware.com/pipermail/security-announce/2009/000054.html | mailing-list, x_refsource_MLIST | |
| http://www.securitytracker.com/id?1021977 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2009-0005.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "oval:org.mitre.oval:def:6310",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"name": "1021977",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021977"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "oval:org.mitre.oval:def:6310",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"name": "1021977",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021977"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "oval:org.mitre.oval:def:6310",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310"
},
{
"name": "ADV-2009-0944",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"name": "1021977",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021977"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1146",
"datePublished": "2009-04-06T15:00:00",
"dateReserved": "2009-03-25T00:00:00",
"dateUpdated": "2024-08-07T05:04:48.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2077
Vulnerability from cvelistv5
Published
2016-05-18 14:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035900 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2016-0005.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035900"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1035900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035900"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0005.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2077",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035900",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035900"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0005.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2077",
"datePublished": "2016-05-18T14:00:00",
"dateReserved": "2016-01-26T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5023
Vulnerability from cvelistv5
Published
2007-09-21 18:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/support/server/doc/releasenotes_server.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/player2/doc/releasenotes_player2.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/ace/doc/releasenotes_ace.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/player/doc/releasenotes_player.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/25732 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:27.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "25732",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25732"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "25732",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25732"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "25732",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25732"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5023",
"datePublished": "2007-09-21T18:00:00",
"dateReserved": "2007-09-21T00:00:00",
"dateUpdated": "2024-08-07T15:17:27.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3695
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3696.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3696."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3695",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3696."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020791"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3695",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1518
Vulnerability from cvelistv5
Published
2012-04-17 21:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/48782 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/81163 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1026922 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/53006 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2012-0007.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securitytracker.com/id?1026923 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48782"
},
{
"name": "81163",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81163"
},
{
"name": "1026922",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026922"
},
{
"name": "53006",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0007.html"
},
{
"name": "oval:org.mitre.oval:def:16745",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745"
},
{
"name": "1026923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "48782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48782"
},
{
"name": "81163",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81163"
},
{
"name": "1026922",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026922"
},
{
"name": "53006",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0007.html"
},
{
"name": "oval:org.mitre.oval:def:16745",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745"
},
{
"name": "1026923",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "48782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48782"
},
{
"name": "81163",
"refsource": "OSVDB",
"url": "http://osvdb.org/81163"
},
{
"name": "1026922",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026922"
},
{
"name": "53006",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53006"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0007.html"
},
{
"name": "oval:org.mitre.oval:def:16745",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745"
},
{
"name": "1026923",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1518",
"datePublished": "2012-04-17T21:00:00",
"dateReserved": "2012-03-08T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0910
Vulnerability from cvelistv5
Published
2009-04-06 15:00
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://seclists.org/fulldisclosure/2009/Apr/0036.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/34373 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2009/0944 | vdb-entry, x_refsource_VUPEN | |
| http://lists.vmware.com/pipermail/security-announce/2009/000054.html | mailing-list, x_refsource_MLIST | |
| http://www.vmware.com/security/advisories/VMSA-2009-0005.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securitytracker.com/id?1021974 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "oval:org.mitre.oval:def:5786",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786"
},
{
"name": "1021974",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021974"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "oval:org.mitre.oval:def:5786",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786"
},
{
"name": "1021974",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021974"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "oval:org.mitre.oval:def:5786",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786"
},
{
"name": "1021974",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021974"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0910",
"datePublished": "2009-04-06T15:00:00",
"dateReserved": "2009-03-14T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3694
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020791"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3694",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1564
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 05:20
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/63614 | vdb-entry, x_refsource_OSVDB | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/36712 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/39363 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1023838 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/39215 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/secunia_research/2009-36/ | x_refsource_MISC | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:20:34.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "63614",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63614"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "36712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36712"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "20100409 VMware VMnc Codec Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39363",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39363"
},
{
"name": "1023838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023838"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "63614",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63614"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "36712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36712"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "20100409 VMware VMnc Codec Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39363",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39363"
},
{
"name": "1023838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023838"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-1564",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "63614",
"refsource": "OSVDB",
"url": "http://osvdb.org/63614"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "36712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36712"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "20100409 VMware VMnc Codec Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39363"
},
{
"name": "1023838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023838"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "http://secunia.com/secunia_research/2009-36/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-1564",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2009-05-06T00:00:00",
"dateUpdated": "2024-08-07T05:20:34.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2449
Vulnerability from cvelistv5
Published
2012-05-04 16:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/81694 | vdb-entry, x_refsource_OSVDB | |
| http://www.vmware.com/security/advisories/VMSA-2012-0009.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/49032 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/53369 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75376 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1027019 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81694",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81694"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"name": "oval:org.mitre.oval:def:16863",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863"
},
{
"name": "49032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49032"
},
{
"name": "53369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53369"
},
{
"name": "vmware-esxserver-floppy-priv-esc(75376)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75376"
},
{
"name": "1027019",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "81694",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81694"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"name": "oval:org.mitre.oval:def:16863",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863"
},
{
"name": "49032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49032"
},
{
"name": "53369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53369"
},
{
"name": "vmware-esxserver-floppy-priv-esc(75376)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75376"
},
{
"name": "1027019",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81694",
"refsource": "OSVDB",
"url": "http://osvdb.org/81694"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"name": "oval:org.mitre.oval:def:16863",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863"
},
{
"name": "49032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49032"
},
{
"name": "53369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53369"
},
{
"name": "vmware-esxserver-floppy-priv-esc(75376)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75376"
},
{
"name": "1027019",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2449",
"datePublished": "2012-05-04T16:00:00",
"dateReserved": "2012-05-01T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-3868
Vulnerability from cvelistv5
Published
2011-10-07 20:00
Modified
2024-08-06 23:53
Severity ?
EPSS score ?
Summary
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/46241 | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/49942 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1026139 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2011-0011.html | x_refsource_CONFIRM | |
| http://osvdb.org/76060 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/520005/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:31.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46241"
},
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "49942",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49942"
},
{
"name": "1026139",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026139"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
},
{
"name": "76060",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/76060"
},
{
"name": "20111005 VMSA-2011-0011 VMware hosted products address remote code execution vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "46241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46241"
},
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "49942",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49942"
},
{
"name": "1026139",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026139"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
},
{
"name": "76060",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/76060"
},
{
"name": "20111005 VMSA-2011-0011 VMware hosted products address remote code execution vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3868",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46241"
},
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "49942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49942"
},
{
"name": "1026139",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026139"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
},
{
"name": "76060",
"refsource": "OSVDB",
"url": "http://osvdb.org/76060"
},
{
"name": "20111005 VMSA-2011-0011 VMware hosted products address remote code execution vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3868",
"datePublished": "2011-10-07T20:00:00",
"dateReserved": "2011-09-29T00:00:00",
"dateUpdated": "2024-08-06T23:53:31.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0923
Vulnerability from cvelistv5
Published
2008-02-26 00:00
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27944",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27944"
},
{
"name": "29117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/?action=item\u0026id=2129"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019493",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019493"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "vmware-sharedfolders-directory-traversal(40837)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
},
{
"name": "ADV-2008-0679",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0679"
},
{
"name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"name": "3700",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3700"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27944",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27944"
},
{
"name": "29117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/?action=item\u0026id=2129"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019493",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019493"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "vmware-sharedfolders-directory-traversal(40837)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
},
{
"name": "ADV-2008-0679",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0679"
},
{
"name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"name": "3700",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3700"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27944"
},
{
"name": "29117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29117"
},
{
"name": "http://www.coresecurity.com/?action=item\u0026id=2129",
"refsource": "MISC",
"url": "http://www.coresecurity.com/?action=item\u0026id=2129"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019493",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019493"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034",
"refsource": "CONFIRM",
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "vmware-sharedfolders-directory-traversal(40837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
},
{
"name": "ADV-2008-0679",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0679"
},
{
"name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"name": "3700",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3700"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0923",
"datePublished": "2008-02-26T00:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1392
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://securityreason.com/securityalert/3755 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41551 | vdb-entry, x_refsource_XF | |
| http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/player2/doc/releasenotes_player2.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/489739/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://lists.vmware.com/pipermail/security-announce/2008/000008.html | mailing-list, x_refsource_MLIST | |
| http://www.vmware.com/security/advisories/VMSA-2008-0005.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/28276 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "vmware-vix-api-unspecified(41551)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41551"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "vmware-vix-api-unspecified(41551)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41551"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "vmware-vix-api-unspecified(41551)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41551"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1392",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-19T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-2146
Vulnerability from cvelistv5
Published
2011-06-06 19:00
Modified
2024-08-06 22:53
Severity ?
EPSS score ?
Summary
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/44904 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/67813 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/48098 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2011-0009.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/44840 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1025601 | vdb-entry, x_refsource_SECTRACK | |
| https://hermes.opensuse.org/messages/8711677 | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:53:16.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44904"
},
{
"name": "vmware-mountvmhgfs-info-disc(67813)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67813"
},
{
"name": "48098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48098"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "44840",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "44904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44904"
},
{
"name": "vmware-mountvmhgfs-info-disc(67813)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67813"
},
{
"name": "48098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48098"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "44840",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44904"
},
{
"name": "vmware-mountvmhgfs-info-disc(67813)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67813"
},
{
"name": "48098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "44840",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/8711677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2146",
"datePublished": "2011-06-06T19:00:00",
"dateReserved": "2011-05-17T00:00:00",
"dateUpdated": "2024-08-06T22:53:16.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3693
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020791"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3693",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4917
Vulnerability from cvelistv5
Published
2008-12-09 00:00
Modified
2024-08-07 10:31
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://kb.vmware.com/kb/1006980 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/498863/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/32965 | third-party-advisory, x_refsource_SECUNIA | |
| http://kb.vmware.com/kb/1006986 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/498886/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1021301 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1021300 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/32597 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:31:28.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.vmware.com/kb/1006980"
},
{
"name": "20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498863/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:6246",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246"
},
{
"name": "32965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32965"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.vmware.com/kb/1006986"
},
{
"name": "20081203 Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498886/100/0/threaded"
},
{
"name": "1021301",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021301"
},
{
"name": "1021300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021300"
},
{
"name": "32597",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32597"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.vmware.com/kb/1006980"
},
{
"name": "20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498863/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:6246",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246"
},
{
"name": "32965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32965"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.vmware.com/kb/1006986"
},
{
"name": "20081203 Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498886/100/0/threaded"
},
{
"name": "1021301",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021301"
},
{
"name": "1021300",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021300"
},
{
"name": "32597",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32597"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "http://kb.vmware.com/kb/1006980",
"refsource": "CONFIRM",
"url": "http://kb.vmware.com/kb/1006980"
},
{
"name": "20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498863/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:6246",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246"
},
{
"name": "32965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32965"
},
{
"name": "http://kb.vmware.com/kb/1006986",
"refsource": "CONFIRM",
"url": "http://kb.vmware.com/kb/1006986"
},
{
"name": "20081203 Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498886/100/0/threaded"
},
{
"name": "1021301",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021301"
},
{
"name": "1021300",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021300"
},
{
"name": "32597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32597"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4917",
"datePublished": "2008-12-09T00:00:00",
"dateReserved": "2008-11-03T00:00:00",
"dateUpdated": "2024-08-07T10:31:28.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4296
Vulnerability from cvelistv5
Published
2010-12-06 21:00
Modified
2024-08-07 03:43
Severity ?
EPSS score ?
Summary
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2010/000112.html | mailing-list, x_refsource_MLIST | |
| http://www.vmware.com/security/advisories/VMSA-2010-0018.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/45168 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/514995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/42453 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1024819 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/42482 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/3116 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1024820 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/69584 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:14.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45168",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45168"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42453"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024820"
},
{
"name": "69584",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69584"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45168",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45168"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42453"
},
{
"name": "1024819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024820"
},
{
"name": "69584",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69584"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[security-announce] 20101202 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"name": "45168",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45168"
},
{
"name": "20101203 VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"name": "42453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42453"
},
{
"name": "1024819",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"name": "42482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42482"
},
{
"name": "ADV-2010-3116",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"name": "1024820",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024820"
},
{
"name": "69584",
"refsource": "OSVDB",
"url": "http://osvdb.org/69584"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4296",
"datePublished": "2010-12-06T21:00:00",
"dateReserved": "2010-11-18T00:00:00",
"dateUpdated": "2024-08-07T03:43:14.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1662
Vulnerability from cvelistv5
Published
2013-08-24 01:00
Modified
2024-09-17 04:29
Severity ?
EPSS score ?
Summary
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2013-0010.html | x_refsource_CONFIRM | |
| http://blog.cmpxchg8b.com/2013/08/security-debianisms.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:13:32.687Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0010.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.cmpxchg8b.com/2013/08/security-debianisms.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-24T01:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0010.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.cmpxchg8b.com/2013/08/security-debianisms.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2013-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0010.html"
},
{
"name": "http://blog.cmpxchg8b.com/2013/08/security-debianisms.html",
"refsource": "MISC",
"url": "http://blog.cmpxchg8b.com/2013/08/security-debianisms.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1662",
"datePublished": "2013-08-24T01:00:00Z",
"dateReserved": "2013-02-12T00:00:00Z",
"dateUpdated": "2024-09-17T04:29:37.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1140
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 01:14
Severity ?
EPSS score ?
Summary
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/39397 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1023834 | vdb-entry, x_refsource_SECTRACK | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39397",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39397"
},
{
"name": "1023834",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023834"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39397",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39397"
},
{
"name": "1023834",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023834"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39397"
},
{
"name": "1023834",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023834"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1140",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5618
Vulnerability from cvelistv5
Published
2007-10-21 21:00
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "28289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "28289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "28289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5618",
"datePublished": "2007-10-21T21:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3519
Vulnerability from cvelistv5
Published
2013-12-04 15:00
Modified
2024-08-06 16:14
Severity ?
EPSS score ?
Summary
lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2013-0014.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-04T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0014.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2013-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0014.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3519",
"datePublished": "2013-12-04T15:00:00",
"dateReserved": "2013-05-08T00:00:00",
"dateUpdated": "2024-08-06T16:14:56.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1363
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "vmware-config-privilege-escalation(41252)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41252"
},
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "1019622",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019622"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for \"hijacking the VMX process.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "vmware-config-privilege-escalation(41252)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41252"
},
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "1019622",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019622"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for \"hijacking the VMX process.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "vmware-config-privilege-escalation(41252)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41252"
},
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "1019622",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019622"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1363",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2384
Vulnerability from cvelistv5
Published
2014-04-15 20:00
Modified
2024-08-06 10:14
Severity ?
EPSS score ?
Summary
vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable."
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2014/Apr/163 | mailing-list, x_refsource_FULLDISC | |
| https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:25.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140411 CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/163"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports \"Vendor rated issue as non-exploitable.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20140411 CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/163"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports \"Vendor rated issue as non-exploitable.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140411 CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Apr/163"
},
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2384",
"datePublished": "2014-04-15T20:00:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2024-08-06T10:14:25.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1141
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 01:14
Severity ?
EPSS score ?
Summary
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1023833 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/39198 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1023832 | vdb-entry, x_refsource_SECTRACK | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "1023833",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name": "39198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39198"
},
{
"name": "1023832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023832"
},
{
"name": "oval:org.mitre.oval:def:7020",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "1023833",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name": "39198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39198"
},
{
"name": "1023832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023832"
},
{
"name": "oval:org.mitre.oval:def:7020",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "1023833",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name": "39198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39198"
},
{
"name": "1023832",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"name": "oval:org.mitre.oval:def:7020",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1141",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3569
Vulnerability from cvelistv5
Published
2012-11-14 11:00
Modified
2024-08-06 20:13
Severity ?
EPSS score ?
Summary
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79922 | vdb-entry, x_refsource_XF | |
| http://technet.microsoft.com/en-us/security/msvr/msvr13-002 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html | x_refsource_MISC | |
| http://www.vmware.com/security/advisories/VMSA-2012-0015.html | x_refsource_CONFIRM | |
| http://osvdb.org/87117 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/51240 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:13:50.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "vmware-ovf-format-string(79922)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79922"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://technet.microsoft.com/en-us/security/msvr/msvr13-002"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"name": "87117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/87117"
},
{
"name": "51240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51240"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "vmware-ovf-format-string(79922)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79922"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://technet.microsoft.com/en-us/security/msvr/msvr13-002"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"name": "87117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/87117"
},
{
"name": "51240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51240"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "vmware-ovf-format-string(79922)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79922"
},
{
"name": "http://technet.microsoft.com/en-us/security/msvr/msvr13-002",
"refsource": "MISC",
"url": "http://technet.microsoft.com/en-us/security/msvr/msvr13-002"
},
{
"name": "http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"name": "87117",
"refsource": "OSVDB",
"url": "http://osvdb.org/87117"
},
{
"name": "51240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51240"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3569",
"datePublished": "2012-11-14T11:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:13:50.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3691
Vulnerability from cvelistv5
Published
2008-09-03 14:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:19.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"name": "31709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31709"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "1020791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020791"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "31710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31710"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "30934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30934"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "31707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31707"
},
{
"name": "31708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31708"
},
{
"name": "4202",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4202"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3691",
"datePublished": "2008-09-03T14:00:00",
"dateReserved": "2008-08-14T00:00:00",
"dateUpdated": "2024-08-07T09:45:19.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1666
Vulnerability from cvelistv5
Published
2012-09-08 10:00
Modified
2024-09-17 01:56
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html | mailing-list, x_refsource_BUGTRAQ | |
| https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120904 VMWare Tools susceptible to binary planting by hijack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-08T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120904 VMWare Tools susceptible to binary planting by hijack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120904 VMWare Tools susceptible to binary planting by hijack",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"name": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1666",
"datePublished": "2012-09-08T10:00:00Z",
"dateReserved": "2012-03-15T00:00:00Z",
"dateUpdated": "2024-09-17T01:56:57.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2336
Vulnerability from cvelistv5
Published
2015-06-13 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032529 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75095 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2015-0004.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032530 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:15.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75095",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75095"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75095",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75095"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75095"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2336",
"datePublished": "2015-06-13T14:00:00",
"dateReserved": "2015-03-18T00:00:00",
"dateUpdated": "2024-08-06T05:10:15.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1362
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "vmware-namedpipes-privilege-escalation(41259)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019621"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "vmware-namedpipes-privilege-escalation(41259)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019621"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "vmware-namedpipes-privilege-escalation(41259)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "1019621",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019621"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1362",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-2145
Vulnerability from cvelistv5
Published
2011-06-06 19:00
Modified
2024-08-06 22:53
Severity ?
EPSS score ?
Summary
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error."
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/44904 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/48098 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2011-0009.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/67815 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/44840 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1025601 | vdb-entry, x_refsource_SECTRACK | |
| https://hermes.opensuse.org/messages/8711677 | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:53:17.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44904"
},
{
"name": "48098",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48098"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "vmware-mountvmhgfs-privilege-esc(67815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67815"
},
{
"name": "44840",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a \"procedural error.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "44904",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44904"
},
{
"name": "48098",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48098"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "vmware-mountvmhgfs-privilege-esc(67815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67815"
},
{
"name": "44840",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a \"procedural error.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44904"
},
{
"name": "48098",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"name": "vmware-mountvmhgfs-privilege-esc(67815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67815"
},
{
"name": "44840",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44840"
},
{
"name": "1025601",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"name": "openSUSE-SU-2011:0617",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/8711677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2145",
"datePublished": "2011-06-06T19:00:00",
"dateReserved": "2011-05-17T00:00:00",
"dateUpdated": "2024-08-06T22:53:17.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0967
Vulnerability from cvelistv5
Published
2008-06-05 20:21
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "29557",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29557"
},
{
"name": "oval:org.mitre.oval:def:4768",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
},
{
"name": "30556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30556"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "1020198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020198"
},
{
"name": "vmware-vmwareauthd-privilege-escalation(42878)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
},
{
"name": "oval:org.mitre.oval:def:5583",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
},
{
"name": "3922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3922"
},
{
"name": "20080604 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "29557",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29557"
},
{
"name": "oval:org.mitre.oval:def:4768",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
},
{
"name": "30556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30556"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "1020198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020198"
},
{
"name": "vmware-vmwareauthd-privilege-escalation(42878)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
},
{
"name": "oval:org.mitre.oval:def:5583",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
},
{
"name": "3922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3922"
},
{
"name": "20080604 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "29557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29557"
},
{
"name": "oval:org.mitre.oval:def:4768",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
},
{
"name": "30556",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30556"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "1020198",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020198"
},
{
"name": "vmware-vmwareauthd-privilege-escalation(42878)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
},
{
"name": "oval:org.mitre.oval:def:5583",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
},
{
"name": "3922",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3922"
},
{
"name": "20080604 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0967",
"datePublished": "2008-06-05T20:21:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2340
Vulnerability from cvelistv5
Published
2015-06-13 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032529 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75092 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2015-0004.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032530 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:15.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2340",
"datePublished": "2015-06-13T14:00:00",
"dateReserved": "2015-03-18T00:00:00",
"dateUpdated": "2024-08-06T05:10:15.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3650
Vulnerability from cvelistv5
Published
2015-07-10 17:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/ | x_refsource_MISC | |
| http://www.vmware.com/security/advisories/VMSA-2015-0005.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032822 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1032823 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:58.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0005.html"
},
{
"name": "1032822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032822"
},
{
"name": "1032823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032823"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0005.html"
},
{
"name": "1032822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032822"
},
{
"name": "1032823",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032823"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3650",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/",
"refsource": "MISC",
"url": "https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0005.html"
},
{
"name": "1032822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032822"
},
{
"name": "1032823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032823"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3650",
"datePublished": "2015-07-10T17:00:00",
"dateReserved": "2015-05-06T00:00:00",
"dateUpdated": "2024-08-06T05:47:58.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4811
Vulnerability from cvelistv5
Published
2010-04-27 15:00
Modified
2024-08-07 07:17
Severity ?
EPSS score ?
Summary
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/36630 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_MISC | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://freetexthost.com/qr1tffkzpu | x_refsource_MISC | |
| http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html | x_refsource_MISC | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:25.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "36630",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36630"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://freetexthost.com/qr1tffkzpu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \\x25\\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "36630",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36630"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://freetexthost.com/qr1tffkzpu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \\x25\\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "36630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36630"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://freetexthost.com/qr1tffkzpu",
"refsource": "MISC",
"url": "http://freetexthost.com/qr1tffkzpu"
},
{
"name": "http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html",
"refsource": "MISC",
"url": "http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4811",
"datePublished": "2010-04-27T15:00:00",
"dateReserved": "2010-04-27T00:00:00",
"dateUpdated": "2024-08-07T07:17:25.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0909
Vulnerability from cvelistv5
Published
2009-04-06 15:00
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://seclists.org/fulldisclosure/2009/Apr/0036.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/34373 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2009/0944 | vdb-entry, x_refsource_VUPEN | |
| http://lists.vmware.com/pipermail/security-announce/2009/000054.html | mailing-list, x_refsource_MLIST | |
| http://www.vmware.com/security/advisories/VMSA-2009-0005.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1021974 | vdb-entry, x_refsource_SECTRACK | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6251 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:16.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "1021974",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021974"
},
{
"name": "oval:org.mitre.oval:def:6251",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "1021974",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021974"
},
{
"name": "oval:org.mitre.oval:def:6251",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"name": "34373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"name": "ADV-2009-0944",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"name": "[security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"name": "1021974",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021974"
},
{
"name": "oval:org.mitre.oval:def:6251",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0909",
"datePublished": "2009-04-06T15:00:00",
"dateReserved": "2009-03-14T00:00:00",
"dateUpdated": "2024-08-07T04:57:16.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1139
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 01:14
Severity ?
EPSS score ?
Summary
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/39407 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://osvdb.org/63606 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/39201 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/39215 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1023835 | vdb-entry, x_refsource_SECTRACK | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "63606",
"refsource": "OSVDB",
"url": "http://osvdb.org/63606"
},
{
"name": "39201",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39201"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "1023835",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1139",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2267
Vulnerability from cvelistv5
Published
2009-11-02 15:00
Modified
2024-08-07 05:44
Severity ?
EPSS score ?
Summary
VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.vupen.com/english/advisories/2009/3062 | vdb-entry, x_refsource_VUPEN | |
| http://lists.vmware.com/pipermail/security-announce/2009/000069.html | mailing-list, x_refsource_MLIST | |
| http://securitytracker.com/id?1023082 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/36841 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/archive/1/507523/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/507539/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1023083 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2009-0015.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/37172 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2009-3062",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3062"
},
{
"name": "[security-announce] 20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000069.html"
},
{
"name": "1023082",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023082"
},
{
"name": "36841",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36841"
},
{
"name": "oval:org.mitre.oval:def:8473",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473"
},
{
"name": "20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507523/100/0/threaded"
},
{
"name": "20091027 Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507539/100/0/threaded"
},
{
"name": "1023083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023083"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0015.html"
},
{
"name": "37172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37172"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2009-3062",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3062"
},
{
"name": "[security-announce] 20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000069.html"
},
{
"name": "1023082",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023082"
},
{
"name": "36841",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36841"
},
{
"name": "oval:org.mitre.oval:def:8473",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473"
},
{
"name": "20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507523/100/0/threaded"
},
{
"name": "20091027 Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507539/100/0/threaded"
},
{
"name": "1023083",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023083"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0015.html"
},
{
"name": "37172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37172"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2009-3062",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3062"
},
{
"name": "[security-announce] 20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000069.html"
},
{
"name": "1023082",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023082"
},
{
"name": "36841",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36841"
},
{
"name": "oval:org.mitre.oval:def:8473",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473"
},
{
"name": "20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507523/100/0/threaded"
},
{
"name": "20091027 Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507539/100/0/threaded"
},
{
"name": "1023083",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023083"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0015.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0015.html"
},
{
"name": "37172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37172"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2267",
"datePublished": "2009-11-02T15:00:00",
"dateReserved": "2009-07-01T00:00:00",
"dateUpdated": "2024-08-07T05:44:55.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1364
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "vmware-dhcp-unspecified-dos(41254)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "1019623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019623"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "28289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "vmware-dhcp-unspecified-dos(41254)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "1019623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019623"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "28289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "vmware-dhcp-unspecified-dos(41254)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
},
{
"name": "3755",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "1019623",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019623"
},
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "28289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1364",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-17T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2338
Vulnerability from cvelistv5
Published
2015-06-13 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032529 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75092 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2015-0004.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032530 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:15.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"name": "75092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "1032530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2338",
"datePublished": "2015-06-13T14:00:00",
"dateReserved": "2015-03-18T00:00:00",
"dateUpdated": "2024-08-06T05:10:15.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5617
Vulnerability from cvelistv5
Published
2007-10-21 21:00
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html | mailing-list, x_refsource_FULLDISC | |
| http://security.gentoo.org/glsa/glsa-200711-23.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.vupen.com/english/advisories/2007/3229 | vdb-entry, x_refsource_VUPEN | |
| http://www.vmware.com/support/player2/doc/releasenotes_player2.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/26890 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vmware.com/support/player/doc/releasenotes_player.html | x_refsource_CONFIRM | |
| http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/27706 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "26890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26890"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5617",
"datePublished": "2007-10-21T21:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3707
Vulnerability from cvelistv5
Published
2009-10-16 16:00
Modified
2024-08-07 06:38
Severity ?
EPSS score ?
Summary
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "36630",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36630"
},
{
"name": "1022997",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022997"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.net/xplits/TXT_JtYUv6C6j5b6Bw6iIkF4.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "36988",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36988"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.net/index.php?mod=02_Forum\u0026group=02_Bugs_and_Exploits\u0026argument=01_Remote\u0026topic=1254924405.ff.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.net/exploits/abFwcLOuFqmD20yqhYpQ.txt"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \\x25\\xFF sequence in the USER and PASS commands, related to a \"format string DoS\" issue. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-14T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "36630",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36630"
},
{
"name": "1022997",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022997"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.net/xplits/TXT_JtYUv6C6j5b6Bw6iIkF4.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "36988",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36988"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.net/index.php?mod=02_Forum\u0026group=02_Bugs_and_Exploits\u0026argument=01_Remote\u0026topic=1254924405.ff.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.net/exploits/abFwcLOuFqmD20yqhYpQ.txt"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \\x25\\xFF sequence in the USER and PASS commands, related to a \"format string DoS\" issue. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "36630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36630"
},
{
"name": "1022997",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022997"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "http://www.shinnai.net/xplits/TXT_JtYUv6C6j5b6Bw6iIkF4.html",
"refsource": "MISC",
"url": "http://www.shinnai.net/xplits/TXT_JtYUv6C6j5b6Bw6iIkF4.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "36988",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36988"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "http://www.shinnai.net/index.php?mod=02_Forum\u0026group=02_Bugs_and_Exploits\u0026argument=01_Remote\u0026topic=1254924405.ff.php",
"refsource": "MISC",
"url": "http://www.shinnai.net/index.php?mod=02_Forum\u0026group=02_Bugs_and_Exploits\u0026argument=01_Remote\u0026topic=1254924405.ff.php"
},
{
"name": "http://www.shinnai.net/exploits/abFwcLOuFqmD20yqhYpQ.txt",
"refsource": "MISC",
"url": "http://www.shinnai.net/exploits/abFwcLOuFqmD20yqhYpQ.txt"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3707",
"datePublished": "2009-10-16T16:00:00",
"dateReserved": "2009-10-16T00:00:00",
"dateUpdated": "2024-08-07T06:38:30.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2100
Vulnerability from cvelistv5
Published
2008-06-05 20:21
Modified
2024-08-07 08:49
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.vupen.com/english/advisories/2008/1744 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1020200 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42872 | vdb-entry, x_refsource_XF | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vmware.com/security/advisories/VMSA-2008-0009.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/30556 | third-party-advisory, x_refsource_SECUNIA | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/29552 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/493080/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/3922 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:57.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "1020200",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020200"
},
{
"name": "vmware-vixapi-multiple-unspecified-bo(42872)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872"
},
{
"name": "oval:org.mitre.oval:def:5647",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "30556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30556"
},
{
"name": "oval:org.mitre.oval:def:5081",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081"
},
{
"name": "29552",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29552"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "3922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3922"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "1020200",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020200"
},
{
"name": "vmware-vixapi-multiple-unspecified-bo(42872)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872"
},
{
"name": "oval:org.mitre.oval:def:5647",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "30556",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30556"
},
{
"name": "oval:org.mitre.oval:def:5081",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081"
},
{
"name": "29552",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29552"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "3922",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3922"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "ADV-2008-1744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"name": "1020200",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020200"
},
{
"name": "vmware-vixapi-multiple-unspecified-bo(42872)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872"
},
{
"name": "oval:org.mitre.oval:def:5647",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"name": "30556",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30556"
},
{
"name": "oval:org.mitre.oval:def:5081",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081"
},
{
"name": "29552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29552"
},
{
"name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"name": "3922",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3922"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2100",
"datePublished": "2008-06-05T20:21:00",
"dateReserved": "2008-05-07T00:00:00",
"dateUpdated": "2024-08-07T08:49:57.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0199
Vulnerability from cvelistv5
Published
2009-09-08 22:00
Modified
2024-08-07 04:24
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters).
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2009/000065.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/36290 | vdb-entry, x_refsource_BID | |
| http://secunia.com/secunia_research/2009-25/ | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/506286/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2009/2553 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/34938 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vmware.com/security/advisories/VMSA-2009-0012.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"name": "36290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36290"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2009-25/"
},
{
"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"name": "ADV-2009-2553",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"name": "34938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34938"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"name": "36290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36290"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2009-25/"
},
{
"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"name": "ADV-2009-2553",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"name": "34938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34938"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2009-0199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"name": "36290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36290"
},
{
"name": "http://secunia.com/secunia_research/2009-25/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-25/"
},
{
"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"name": "ADV-2009-2553",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"name": "34938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34938"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2009-0199",
"datePublished": "2009-09-08T22:00:00",
"dateReserved": "2009-01-20T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1138
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 01:14
Severity ?
EPSS score ?
Summary
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/39203 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1023836 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/39395 | vdb-entry, x_refsource_BID | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/39215 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/63607 | vdb-entry, x_refsource_OSVDB | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:05.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39203",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39203"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "1023836",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023836"
},
{
"name": "39395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "63607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63607"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39203",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39203"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "1023836",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023836"
},
{
"name": "39395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39215"
},
{
"name": "63607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63607"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39203",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39203"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "1023836",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023836"
},
{
"name": "39395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39395"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "39215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39215"
},
{
"name": "63607",
"refsource": "OSVDB",
"url": "http://osvdb.org/63607"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1138",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:05.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1142
Vulnerability from cvelistv5
Published
2010-04-12 18:00
Modified
2024-08-07 01:14
Severity ?
EPSS score ?
Summary
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201209-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://secunia.com/advisories/39206 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.vmware.com/pipermail/security-announce/2010/000090.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/39394 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt | x_refsource_MISC | |
| http://www.securitytracker.com/id?1023833 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/39198 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1023832 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vmware.com/security/advisories/VMSA-2010-0007.html | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:14:06.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39394",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39394"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
},
{
"name": "1023833",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name": "39198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39198"
},
{
"name": "1023832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023832"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39394",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39394"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
},
{
"name": "1023833",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name": "39198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39198"
},
{
"name": "1023832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023832"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "39206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39206"
},
{
"name": "[security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"name": "39394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39394"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"name": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt",
"refsource": "MISC",
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
},
{
"name": "1023833",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"name": "39198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39198"
},
{
"name": "1023832",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"name": "20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1142",
"datePublished": "2010-04-12T18:00:00",
"dateReserved": "2010-03-29T00:00:00",
"dateUpdated": "2024-08-07T01:14:06.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5972
Vulnerability from cvelistv5
Published
2013-11-16 15:00
Modified
2024-09-17 01:56
Severity ?
EPSS score ?
Summary
VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2013-0013.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:41.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-16T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0013.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2013-0013.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0013.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5972",
"datePublished": "2013-11-16T15:00:00Z",
"dateReserved": "2013-10-01T00:00:00Z",
"dateUpdated": "2024-09-17T01:56:56.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1340
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "vmware-vmci-dos(41250)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
},
{
"name": "1019624",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019624"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "28289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger \"memory exhaustion and memory corruption.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201209-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "vmware-vmci-dos(41250)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
},
{
"name": "1019624",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019624"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "28289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "ADV-2008-0905",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28276"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger \"memory exhaustion and memory corruption.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201209-25",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"name": "3755",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3755"
},
{
"name": "vmware-vmci-dos(41250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
},
{
"name": "1019624",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019624"
},
{
"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "28289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1340",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-14T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2628
Vulnerability from cvelistv5
Published
2009-09-08 22:00
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.vmware.com/pipermail/security-announce/2009/000065.html | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/36290 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/506286/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2009/2553 | vdb-entry, x_refsource_VUPEN | |
| http://www.kb.cert.org/vuls/id/444513 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/34938 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vmware.com/security/advisories/VMSA-2009-0012.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"name": "36290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36290"
},
{
"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"name": "ADV-2009-2553",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"name": "VU#444513",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/444513"
},
{
"name": "34938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34938"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"name": "36290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36290"
},
{
"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"name": "ADV-2009-2553",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"name": "VU#444513",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/444513"
},
{
"name": "34938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34938"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-2628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"name": "36290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36290"
},
{
"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"name": "ADV-2009-2553",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"name": "VU#444513",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/444513"
},
{
"name": "34938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34938"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-2628",
"datePublished": "2009-09-08T22:00:00",
"dateReserved": "2009-07-28T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2341
Vulnerability from cvelistv5
Published
2015-06-13 14:00
Modified
2024-08-06 05:10
Severity ?
EPSS score ?
Summary
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2015-0004.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75094 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032530 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:16.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "75094",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75094"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "75094",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75094"
},
{
"name": "1032530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"name": "75094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75094"
},
{
"name": "1032530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2341",
"datePublished": "2015-06-13T14:00:00",
"dateReserved": "2015-03-18T00:00:00",
"dateUpdated": "2024-08-06T05:10:16.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3547
Vulnerability from cvelistv5
Published
2006-07-13 00:00
Modified
2025-01-17 13:58
Severity ?
EPSS score ?
Summary
EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/437806/100/200/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/437809/100/200/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/27524 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/437756/100/200/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060620 Re: Vm ware 0day dos exploit by n00b.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437806/100/200/threaded"
},
{
"name": "20060620 Re: Vm ware 0day dos exploit by n00b.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437809/100/200/threaded"
},
{
"name": "27524",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27524"
},
{
"name": "20060618 Vm ware 0day dos exploit by n00b.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437756/100/200/threaded"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2006-3547",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T18:27:47.510692Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T13:58:42.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060620 Re: Vm ware 0day dos exploit by n00b.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437806/100/200/threaded"
},
{
"name": "20060620 Re: Vm ware 0day dos exploit by n00b.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437809/100/200/threaded"
},
{
"name": "27524",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27524"
},
{
"name": "20060618 Vm ware 0day dos exploit by n00b.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437756/100/200/threaded"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060620 Re: Vm ware 0day dos exploit by n00b.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437806/100/200/threaded"
},
{
"name": "20060620 Re: Vm ware 0day dos exploit by n00b.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437809/100/200/threaded"
},
{
"name": "27524",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27524"
},
{
"name": "20060618 Vm ware 0day dos exploit by n00b.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437756/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3547",
"datePublished": "2006-07-13T00:00:00",
"dateReserved": "2006-07-12T00:00:00",
"dateUpdated": "2025-01-17T13:58:42.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-07-13 00:05
Modified
2025-01-17 14:15
Severity ?
Summary
EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9A9E09-959A-4A99-A25C-09AA4FA646D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed"
},
{
"lang": "es",
"value": "** IMPUGNADA ** EMC VMware Player permite a atacantes con la intervenci\u00f3n del usuario provocar una denegaci\u00f3n de servicio (fallo irrecuperable de la aplicaci\u00f3n) mediante un valor largo del par\u00e1metro ide1:0.fileName en el archivo .vmx de una m\u00e1quina virtual. NOTA: terceras partes han impugnado este problema, diciendi que el acceso de escritura al archivo .vmx habilita otras v\u00edas para detener la m\u00e1quina virtual, as\u00ed que no se cruzan l\u00edmites de privilegios."
}
],
"id": "CVE-2006-3547",
"lastModified": "2025-01-17T14:15:28.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2006-07-13T00:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27524"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437756/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437806/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437809/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437756/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437806/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437809/100/200/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-21 21:17
Modified
2024-11-21 00:38
Severity ?
Summary
Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAB76F0-194A-49C2-9B11-40626D5FE144",
"versionEndExcluding": "1.0.5",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35A00737-2932-4877-8E02-1F9534C6FBAE",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E09F612-579E-43BA-95C6-7D910A0CFA56",
"versionEndExcluding": "1.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27920879-1408-4514-BA3F-B31DD69FACA2",
"versionEndExcluding": "5.5.5",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACA1016-EAC5-4210-ABDC-C2499F2841EA",
"versionEndExcluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs."
},
{
"lang": "es",
"value": "Una ruta de b\u00fasqueda en Windows sin cerrar las comillas en el servicio Authorization y en otros servicios en el VMware Player 1.0.x anterior al 1.0.5 y el 2.0 anterior al 2.0.1, en el VMware Server anterior al 1.0.4; y en el Workstation 5.x anterior al 5.5.5 y el 6.x anterior al 6.0.1, puede permitir a usuarios locales obtener privilegios a trav\u00e9s de programas maliciosos."
}
],
"id": "CVE-2007-5618",
"lastModified": "2024-11-21T00:38:19.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-21T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3696.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3696."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, y VMware Server versiones anteriores a 1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, y CVE-2008-3696."
}
],
"id": "CVE-2008-3695",
"lastModified": "2024-11-21T00:49:53.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-06 21:05
Modified
2024-11-21 01:20
Severity ?
Summary
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| linux | linux_kernel | - | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| linux | linux_kernel | - | |
| vmware | server | 2.0.2 | |
| linux | linux_kernel | - | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| apple | mac_os_x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en el proceso de montaje de vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build 301548 en Linux, VMware Server 2.0.2 en Linux, y VMware Fusion 3.1.x anteriores a la 3.1.2 build 332101 permite a usuarios del SO anfitri\u00f3n escalar privilegios a trav\u00e9s de vectores que involucran archivos temporales."
}
],
"id": "CVE-2010-4295",
"lastModified": "2024-11-21T01:20:37.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-06T21:05:49.403",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/69585"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42453"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/45167"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024820"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/69585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/45167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-14 20:55
Modified
2024-11-21 01:40
Severity ?
Summary
VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FD2D7-9928-437B-8988-4FC955DE4F84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "37A5D726-3D38-44D5-B509-1B8B003903A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "A4DA3B20-A743-4F37-A095-65161FFBEB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "FF7C3C65-BE63-407E-9CFD-E571025C3E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*",
"matchCriteriaId": "58ED8AB4-0FDF-4752-B44E-56F58593CE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device."
},
{
"lang": "es",
"value": "VMware Workstation antes de v8.0.4 8.x, VMware Player antes de v4.0.4 4.x, VMware ESXi v3.5 a v5.0 y VMware ESX v3.5 a v4.1 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (caida del sistema operativo huesped) a trav\u00e9s de tr\u00e1fico de red de un dispositivo virtual remoto red espc\u00edficamente modificado."
}
],
"id": "CVE-2012-3289",
"lastModified": "2024-11-21T01:40:35.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-14T20:55:01.467",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E913C6E9-454D-4FE7-B22B-F24E194F5CE2",
"versionEndExcluding": "1.0.5",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310A0A72-A709-407D-A68D-24EF59EEC553",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841FDCE0-8D59-4AE6-8996-5BFD8736DA86",
"versionEndExcluding": "1.0.6",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D86484E-0D38-49BC-9C80-688A83F80345",
"versionEndExcluding": "2.0.3",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "517722B0-4E12-4A3B-A35B-2A88DA6D30A9",
"versionEndExcluding": "1.0.5",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C0BDA4-C4AE-4C91-A8D3-A965CCCE3C2E",
"versionEndExcluding": "5.5.6",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76907A90-590B-4FBA-977E-CCF19F6F405F",
"versionEndExcluding": "6.0.3",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for \"hijacking the VMX process.\""
},
{
"lang": "es",
"value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales obtener privilegios mediante una modificaci\u00f3n no especificada del fichero config.ini localizado en la carpeta de Datos de Aplicaci\u00f3n, que puede ser usado para \"secuestrar el proceso VMX\"."
}
],
"id": "CVE-2008-1363",
"lastModified": "2024-11-21T00:44:22.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019622"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1019622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41252"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-01 19:30
Modified
2024-11-21 01:03
Severity ?
Summary
Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D249F86-E463-4AB1-BEEE-0828D5A2D761",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3_build_54075:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B6602F-EF25-4E20-B4AA-955C026F7AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87291B27-442C-4CAB-94A1-67FC766486EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B04862-4377-422E-931A-B17FE1CA1884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B6730-F05B-4B62-B4DE-07C61A4924F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D22E40D-C362-49FD-924C-262A64555934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1_build_55017:*:*:*:*:*:*:*",
"matchCriteriaId": "9D438AB9-825C-4A9B-A3FF-55F2E5743B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A48CEB4-5864-4A0F-B14C-CFE4699C3311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78957047-FB9F-4D1D-B3D9-91257A6B4D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A04DB52-C66C-4AA9-9D6F-9D2DC202C5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280033C5-90EF-4825-A87D-B23650D8C71A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78322B97-DBE0-4C7E-9826-11727254500E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4004A38A-01A6-41BE-84EB-1D7C7FAD0214",
"versionEndIncluding": "2.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1C154A-3869-4189-A781-D3071D54143F",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAC68CA-DCA3-4399-807D-E7AC67C9C3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA35C066-90A9-4DE2-A97A-38A6CFC59A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "462EEAD5-A78C-4381-847E-B6F1BE4CB379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E666A5E4-4CDD-4915-B0F3-C63998D01846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3F9D4D-2116-49A7-9292-AF6B4456E175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EAA90-B24A-45E7-B99F-DA3554A16F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "446F2959-C42B-403B-AE1C-BA7D305C60CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B24C0071-58F9-4971-951B-7AA12294F7D9",
"versionEndIncluding": "1.0.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EC33AB-E92A-4AA8-A523-C341133BB515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53197903-0614-4460-8944-C1B5257D71A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.1_build_29996:*:*:*:*:*:*:*",
"matchCriteriaId": "EB051A5C-5F66-4732-949A-48B0FDE4AFF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F037B05F-6F92-4BE1-B672-F677CBEFD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BFEAE8-0118-4548-A6EA-E90FA8FE7AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.4_build_56528:*:*:*:*:*:*:*",
"matchCriteriaId": "87489138-7756-453C-A149-F2C4F95EFF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "42049891-38B7-4BB7-8DA5-A87169E2D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07139DF7-C36B-4FED-8558-7FA49BE0BCFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0D7307-5946-45DC-88D3-6BC72EF50184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D69FD9-F162-4623-A475-9FA7A3A6DF30",
"versionEndIncluding": "6.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBF029A-103D-4BB6-B037-25EC2224DF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C4D90-3697-4F3F-8FFF-FE63F3AD0DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35A717A5-60C2-4470-943E-CA53781D4B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8FBC02-7F2F-4AEF-A5A3-E283D192937C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29AA2B37-BF5F-4AC5-844D-34CF56EC621C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "07131E56-53EE-4CE1-A135-050792EA3C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86334051-8763-4CD9-9480-CAEAE756DFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66596F04-9C2E-4091-85A7-40239F3F920E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E831531-60FE-4DFC-994E-7409E6C69D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4C1A275E-2152-4A37-8CFE-34E8900E3426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1_build_5289:*:*:*:*:*:*:*",
"matchCriteriaId": "25F1481E-A07D-4913-BCF3-630561F0FBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2_build_8848:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8F9694-8556-4990-A867-592D6A927498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2_build_8848:r4:*:*:*:*:*:*",
"matchCriteriaId": "0C605123-69F9-44AC-A17E-3C728059E628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5:*:*:*:*:*:*:*",
"matchCriteriaId": "37595A89-52C5-4699-A463-C9D91B91716B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53FBB074-4EAC-4CEC-AFC5-33C66B135F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.0.0_build_13124:*:*:*:*:*:*:*",
"matchCriteriaId": "41B54C61-FB19-4900-A635-2F6B63BEC88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "525D50A3-2943-4B96-B354-F81F814A7707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*",
"matchCriteriaId": "B4BCB22F-7B9A-493B-AE19-18D0C15EA778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*",
"matchCriteriaId": "33D6D4DD-13D2-4EA0-A7D7-367C3809ABAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF51A7F-59DA-4F64-A4F7-3A250C950D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:42958:*:*:*:*:*:*",
"matchCriteriaId": "559D2177-ECB9-4AFF-A8B4-BCB47A1B4637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D75ED54E-8E55-48BF-A52E-19FCCE895C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.5_build_56455:*:*:*:*:*:*:*",
"matchCriteriaId": "B27D214D-2BEF-4445-802A-5E02E9E5E5CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B53297E3-0C74-421B-8058-DAF7357D421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDEFCEF-F943-449B-91D8-A8CB290C7AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "97957D6F-0249-4814-8755-5C4537B58E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4408849A-21F1-40F5-A528-0BD47E1BF823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.1_build_55017:*:*:*:*:*:*:*",
"matchCriteriaId": "0692E537-A36E-470B-BECE-A17D531B925C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9938CB4F-96D1-4852-9694-28A93E13AA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB61760-87FD-4E60-ADC6-407EFA13773C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBDE6D5-7131-421A-BABE-32F281615597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA4FEF-FF8F-4706-89BC-8396F7614EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el controlador VMware Descheduled Time Accounting en VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE v2.5.1 y anteriores, VMware Server v1.x anteriores a v1.0.9 build 156507 y v2.x anteriores a v2.0.1 build 156745, VMware Fusion v2.x anteriores a v2.0.2 build 147997, VMware ESXi v3.5, y VMware ESX v3.0.2, v3.0.3, y v3.5, cuando el servicio Descheduled Time Accounting no se est\u00e1 ejecutando, permite a usuarios invitados del sistema operativo en Windows provocar una denegaci\u00f3n de servicio mediante vectores desconocidos."
}
],
"id": "CVE-2009-1805",
"lastModified": "2024-11-21T01:03:25.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-06-01T19:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35269"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/503912/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35141"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022300"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1452"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/503912/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-11-10 14:12
Modified
2024-11-21 00:52
Severity ?
Summary
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "303FD815-1A0D-41ED-AD0E-91BFC82C6E3B",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "403B0C68-7F85-438C-95E2-5B6FDCF00E7C",
"versionEndIncluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AFBA799-7EC3-4DE3-BF3C-FA7C1C1E7632",
"versionEndIncluding": "3.5",
"versionStartIncluding": "2.5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44A6CE08-8BAB-4BCC-87AE-FA433CD1AC67",
"versionEndIncluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8737EE-4163-4B99-873A-21FC9748087A",
"versionEndIncluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B39E558-D6F4-4271-848C-E87A2CAD4A33",
"versionEndIncluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFA048E-E58D-481F-BE83-FF26795A0F7C",
"versionEndIncluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1598C125-3339-4917-BCB6-A7F361887E15",
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS."
},
{
"lang": "es",
"value": "Una vulnerabilidad sin especificar en la emulaci\u00f3n de hardware de CPU en sistemas operativos internos de 32-bit y 64-bit, en VMware Workstation v6.0.5 y anteriores; Player v2.0.x a la v2.0.5 y v1.0.x a la v1.0.8; ACE v2.0.x a la v2.0.5 y anteriores, y v1.0.x a la v1.0.7; Server v1.0.x a la v1.0.7; ESX v2.5.4 a la v3.5; y ESXi v3.5; no maneja de forma adecuada el flag Trap, que permite a usuarios del sistema operativo (SO) hu\u00e9sped obtener privilegios en el SO hu\u00e9sped."
}
],
"id": "CVE-2008-4915",
"lastModified": "2024-11-21T00:52:49.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-10T14:12:55.950",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32612"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32624"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/498138/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/32168"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021154"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3052"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46415"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/498138/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/32168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6309"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-14 12:30
Modified
2024-11-21 01:44
Severity ?
Summary
Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | 4.0 | |
| vmware | player | 4.0.0.18997 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
| vmware | player | 4.0.4 | |
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | workstation | 8.0.4 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "81AFBBE6-0B3B-44DB-BBEB-08C8B2C39038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FD2D7-9928-437B-8988-4FC955DE4F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2932689-76D4-4907-9CF9-AD8F6B801579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4944D9B1-A48B-4F32-951E-BEC3FEAC45FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a \"system folder.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en VMware Workstation v8.x antes de v8.0.5 y VMware Player v4.x antes de v4.0.5 en Windows, permite a a los usuarios del sistema operativo anfitri\u00f3n, ganar privilejos del sistema operativo anfitri\u00f3n a trav\u00e9s de una DLL caballo de troya en una \"carpeta del sistema\"."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\"CWE-426: Untrusted Search Path\"",
"id": "CVE-2012-5459",
"lastModified": "2024-11-21T01:44:42.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-14T12:30:59.803",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/87119"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/56470"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/87119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79923"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-13 16:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D249F86-E463-4AB1-BEEE-0828D5A2D761",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87291B27-442C-4CAB-94A1-67FC766486EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B04862-4377-422E-931A-B17FE1CA1884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B6730-F05B-4B62-B4DE-07C61A4924F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D22E40D-C362-49FD-924C-262A64555934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A48CEB4-5864-4A0F-B14C-CFE4699C3311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78957047-FB9F-4D1D-B3D9-91257A6B4D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A04DB52-C66C-4AA9-9D6F-9D2DC202C5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280033C5-90EF-4825-A87D-B23650D8C71A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78322B97-DBE0-4C7E-9826-11727254500E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA4159-EBBA-4326-A672-23322377781B",
"versionEndIncluding": "2.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "942B4ED3-A68E-4106-A98B-FA7CD3505140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD1338C-8FC1-40A1-BAE8-B11F4354A0CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC862199-8AA7-4E5E-BA2B-DF5FC9A056BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1BDA2CE1-E26E-4347-BD60-2764A19F5E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B503A45-D9F3-414D-9BFA-C58B1E81A39E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1C154A-3869-4189-A781-D3071D54143F",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAC68CA-DCA3-4399-807D-E7AC67C9C3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA35C066-90A9-4DE2-A97A-38A6CFC59A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "462EEAD5-A78C-4381-847E-B6F1BE4CB379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E666A5E4-4CDD-4915-B0F3-C63998D01846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3F9D4D-2116-49A7-9292-AF6B4456E175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EAA90-B24A-45E7-B99F-DA3554A16F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "446F2959-C42B-403B-AE1C-BA7D305C60CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EC33AB-E92A-4AA8-A523-C341133BB515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53197903-0614-4460-8944-C1B5257D71A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F037B05F-6F92-4BE1-B672-F677CBEFD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BFEAE8-0118-4548-A6EA-E90FA8FE7AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "42049891-38B7-4BB7-8DA5-A87169E2D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07139DF7-C36B-4FED-8558-7FA49BE0BCFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0D7307-5946-45DC-88D3-6BC72EF50184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "89699BB6-9E41-41DC-B597-B45CA05313A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D09AC-7D9B-4150-86BC-19F44F6F2CA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D69FD9-F162-4623-A475-9FA7A3A6DF30",
"versionEndIncluding": "6.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBF029A-103D-4BB6-B037-25EC2224DF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C4D90-3697-4F3F-8FFF-FE63F3AD0DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35A717A5-60C2-4470-943E-CA53781D4B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8FBC02-7F2F-4AEF-A5A3-E283D192937C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29AA2B37-BF5F-4AC5-844D-34CF56EC621C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "07131E56-53EE-4CE1-A135-050792EA3C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86334051-8763-4CD9-9480-CAEAE756DFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66596F04-9C2E-4091-85A7-40239F3F920E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E831531-60FE-4DFC-994E-7409E6C69D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4C1A275E-2152-4A37-8CFE-34E8900E3426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5:*:*:*:*:*:*:*",
"matchCriteriaId": "37595A89-52C5-4699-A463-C9D91B91716B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53FBB074-4EAC-4CEC-AFC5-33C66B135F3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "525D50A3-2943-4B96-B354-F81F814A7707",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF51A7F-59DA-4F64-A4F7-3A250C950D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D75ED54E-8E55-48BF-A52E-19FCCE895C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B53297E3-0C74-421B-8058-DAF7357D421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDEFCEF-F943-449B-91D8-A8CB290C7AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "97957D6F-0249-4814-8755-5C4537B58E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4408849A-21F1-40F5-A528-0BD47E1BF823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9938CB4F-96D1-4852-9694-28A93E13AA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB61760-87FD-4E60-ADC6-407EFA13773C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBDE6D5-7131-421A-BABE-32F281615597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA4FEF-FF8F-4706-89BC-8396F7614EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en la funci\u00f3n de pantalla de m\u00e1quina virtual de en VMware Workstation v6.5.1 y anteriores; VMware Player v2.5.1 y anteriores; VMware ACE v2.5.1 y anteriores; VMware Server v1.x antes de la v1.0.9 build 156507 y v2.x antes de v2.0.1 build 156745; VMware Fusion antes de la v2.0.4 build 159196; VMware ESXi 3.5 y VMware ESX v3.0.2, v3.0.3 y v3.5 permite ejecutar, a los usuarios invitados, c\u00f3digo arbitrario en el sistema operativo anfitri\u00f3n a trav\u00e9s de vectores desconocidos, una vulnerabilidad diferente a la CVE-2008-4916."
}
],
"id": "CVE-2009-1244",
"lastModified": "2024-11-21T01:01:59.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-13T16:30:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000055.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/53634"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502615/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34471"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022031"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0006.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49834"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/53634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502615/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6065"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2024-11-21 00:36
Severity ?
Summary
Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious "program.exe" file in the C: folder.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | * | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A98FBF6-45D0-48BC-8E24-8C7F136F53AB",
"versionEndIncluding": "1.0.3",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF86A1B-FC17-4CB4-9F3C-726491C117BB",
"versionEndIncluding": "1.0.5",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA625B0B-2837-4B5A-9B36-FC77CF0748AC",
"versionEndIncluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "574C5392-7607-4F34-A661-CF618AA52BC4",
"versionEndIncluding": "1.0.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7F4F51-A9B8-4CA9-AE2C-458E61DB9D47",
"versionEndIncluding": "5.5.5",
"versionStartIncluding": "5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40975D44-E804-4A1C-9577-18D7DE1051E5",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ruta (path) de b\u00fasqueda de Windows sin comillas en EMC VMware Workstation versiones anteriores a 5.5.5 Build 56455 y versiones 6.x anteriores a 6.0.1 Build 55017, Player versiones anteriores a 1.0.5 Build 56455 y Player versiones 2 anteriores a 2.0.1 Build 55017, ACE versiones anteriores a 1.0.3 Build 54075 y Server versiones anteriores a 1.0.4 Build 56528, permite a usuarios locales alcanzar privilegios por medio de vectores de ataque no especificados, posiblemente involucrando a un archivo malicioso \"program.exe\" en la carpeta C:."
}
],
"id": "CVE-2007-5023",
"lastModified": "2024-11-21T00:36:57.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25732"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-06 21:05
Modified
2024-11-21 01:20
Severity ?
Summary
The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted video file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | movie_decoder | * | |
| vmware | movie_decoder | 6.5.3 | |
| vmware | movie_decoder | 6.5.4 | |
| vmware | movie_decoder | 7.0 | |
| vmware | movie_decoder | 7.1.2 | |
| microsoft | windows | * | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | workstation | 6.5.4 | |
| vmware | workstation | 6.5.5 | |
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| microsoft | windows | * | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| vmware | player | 2.5.4 | |
| vmware | player | 2.5.5 | |
| vmware | player | 3.0 | |
| vmware | player | 3.0.1 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| microsoft | windows | * | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88CDD5BD-D31E-4C47-81B6-674DD61263CC",
"versionEndIncluding": "6.5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CE79F3F7-A21A-4CAA-BB0D-2955299EE8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "91A02B59-86A1-4C48-AF2D-A7A05B9B75EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B55938DF-073D-4D0E-822B-B6D122511EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6375DE2F-5D82-432F-8C2E-1AD5590801EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3684F0D0-B8BE-442B-AA27-0A485E6BFFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A172221-19AB-4F7D-AA28-94AD5A6EFBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "656039E8-8082-4208-B046-518D95769B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "80003D5E-B63F-4635-94ED-706375A4F86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted video file."
},
{
"lang": "es",
"value": "La funcionalidad de descompresi\u00f3n de tramas (\"frames\") en el codec VMnc media de VMware Movie Decoder en versiones anteriores a la 6.5.5 build 328052 y 7.x anteriores a la 7.1.2 build 301548, VMware Workstation 6.5.x anteriores a la 6.5.5 build 328052 y 7.x anteriores a la 7.1.2 build 301548 en Windows, VMware Player 2.5.x anteriores a la 2.5.5 build 246459 y 3.x anteriores a la 3.1.2 build 301548 en Windows, y VMware Server 2.x en Windows no valida apropiadamente un campo de tama\u00f1o sin especificar, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria din\u00e1mica) a trav\u00e9s de un archivo de v\u00eddeo modificado."
}
],
"id": "CVE-2010-4294",
"lastModified": "2024-11-21T01:20:37.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-12-06T21:05:49.373",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/69596"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45169"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/69596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-29 18:59
Modified
2024-11-21 02:24
Severity ?
Summary
The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/62551 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/72337 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1031644 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2015-0001.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/100934 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62551 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72337 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1031644 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2015-0001.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/100934 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 7.0 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "Host Guest File System (HGFS) en VMware Workstation 10.x anterior a 10.0.5, VMware Player 6.x anterior a 6.0.5, y VMware Fusion 6.x anterior a 6.0.5 y 7.x anterior a 7.0.1 permite a usuarios del sistema operativo invitado causar una denegaci\u00f3n de servicio del sistema operativo invitado a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-1043",
"lastModified": "2024-11-21T02:24:31.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-29T18:59:02.657",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62551"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72337"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031644"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100934"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0 | |
| vmware | ace | 2.0 | |
| vmware | player | 1.0.2 | |
| vmware | player | 1.0.3 | |
| vmware | player | 1.0.4 | |
| vmware | player | 1.0.5 | |
| vmware | player | 2.0 | |
| vmware | player | 2.0.1 | |
| vmware | player | 2.0.2 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_server | 1.0.2 | |
| vmware | vmware_server | 1.0.4 | |
| vmware | vmware_workstation | 5.5.5 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | vmware_workstation | 6.0.2 | |
| vmware | workstation | 5.5 | |
| vmware | workstation | 5.5.3_build_34685 | |
| vmware | workstation | 5.5.3_build_42958 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 5.5.4_build_44386 | |
| vmware | workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servicio DHCP en VMware Workstation versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 1.0.x anteriores a 1.0.5, VMware Server versiones 1.0.x anteriores a 1.0.5, y VMware Fusion versiones 1.1.x anteriores a 1.1.1 permite a atacantes provocar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2008-1364",
"lastModified": "2024-11-21T00:44:22.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019623"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41254"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n",
"lastModified": "2008-06-03T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-29 18:59
Modified
2024-11-21 02:24
Severity ?
Summary
vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.1 | |
| vmware | esxi | 5.1 | |
| vmware | esxi | 5.5 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*",
"matchCriteriaId": "9A405802-D786-46F9-9E29-C727F9FD480A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "469D98A5-7B8B-41BE-94C6-D6EF25388007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "vmware-authd (tambi\u00e9n conocido como el proceso de autorizaci\u00f3n) en VMware Workstation 10.x anterior a 10.0.5, VMware Player 6.x anterior a 6.0.5, y VMware ESXi 5.0 hasta 5.5 permite a atacantes causar una denegaci\u00f3n de servicio del sistema operativo anfitri\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-1044",
"lastModified": "2024-11-21T02:24:32.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-29T18:59:03.657",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62551"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62569"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62669"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72336"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031645"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031646"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100935"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:50
Severity ?
Summary
Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en un cierto control ActiveX en el COM API de VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, and VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del navegador) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una llamada al m\u00e9todo GuestInfo en el cual hay un argumento de cadena largo, y un asignamiento de un valor de cadena largo al resultado de esa llamada.\r\nNOTA: esto puede superponerse a CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, o CVE-2008-3696."
}
],
"id": "CVE-2008-3892",
"lastModified": "2024-11-21T00:50:22.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/29503"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/6345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/29503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/6345"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-15 23:13
Modified
2024-11-21 02:06
Severity ?
Summary
vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports "Vendor rated issue as non-exploitable."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | 6.0.1_build_1379776 | |
| vmware | workstation | 10.0.1_build_1379776 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1_build_1379776:*:*:*:*:*:*:*",
"matchCriteriaId": "4A08E3BA-9CC1-4CB3-B525-DECF0BB41B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1_build_1379776:*:*:*:*:*:*:*",
"matchCriteriaId": "31C59E4F-14C2-43C5-B8C1-31ADA8F437EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmx86.sys in VMware Workstation 10.0.1 build 1379776 and VMware Player 6.0.1 build 1379776 on Windows might allow local users to cause a denial of service (read access violation and system crash) via a crafted buffer in an IOCTL call. NOTE: the researcher reports \"Vendor rated issue as non-exploitable.\""
},
{
"lang": "es",
"value": "vmx86.sys en VMware Workstation 10.0.1 build 1379776 y VMware Player 6.0.1 build 1379776 en Windows podr\u00eda permitir a usuarios locales causar una denegaci\u00f3n de servicio (violaci\u00f3n de lectura de acceso y ca\u00edda de sistema) a trav\u00e9s de un buffer manipulado en una llamada IOCTL. NOTA: el investigador informa que \"el proveedor clasifico el problema como no explotable.\""
}
],
"id": "CVE-2014-2384",
"lastModified": "2024-11-21T02:06:11.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-15T23:13:15.697",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2014/Apr/163"
},
{
"source": "cve@mitre.org",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2014/Apr/163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2384/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-27 15:30
Modified
2024-11-21 01:10
Severity ?
Summary
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | ace | 2.5.3 | |
| vmware | ace | 2.5.4 | |
| vmware | ace | 2.6 | |
| vmware | ace | 2.6.1 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| vmware | player | 2.5.4 | |
| vmware | player | 3.0 | |
| vmware | player | 3.0.1 | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | workstation | 6.5.4 | |
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA2A03-0A31-4290-987A-BE715758BA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB84B42-8C68-4B65-93F9-287B699B7540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E87681DB-CBD8-46A6-BD9A-FB621B627B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3997440A-B731-4F26-A90B-BB14A8F93E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "656039E8-8082-4208-B046-518D95769B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3684F0D0-B8BE-442B-AA27-0A485E6BFFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \\x25\\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "VMware Authentication Daemon 1.0 en vmware-authd.exe en VMware Authorization Service en VMware Workstation 7.0 en versiones anteriores a la 7.0.1 build 227600 y 6.5.x en versiones anteriores a la 6.5.4 build 246459, VMware Player 3.0 en versiones anteriores a la 3.0.1 build 227600 y 2.5.x en versiones anteriores a la 2.5.4 build 246459, VMware ACE 2.6 en versiones anteriores a la 2.6.1 build 227600 y 2.5.x en versiones anteriores a la 2.5.4 build 246459 y VMware Server 2.x permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del proceso) mediante una secuencia \\x25\\x90 en los comandos USER y PASS, un problema relacionado con CVE-2009-3707. NOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2009-4811",
"lastModified": "2024-11-21T01:10:31.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-27T15:30:00.420",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"URL Repurposed"
],
"url": "http://freetexthost.com/qr1tffkzpu"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/36630"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"URL Repurposed"
],
"url": "http://freetexthost.com/qr1tffkzpu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/36630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-18 05:23
Modified
2024-11-21 01:58
Severity ?
Summary
VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2013-0013.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2013-0013.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 9.0 | |
| vmware | workstation | 9.0.1 | |
| vmware | workstation | 9.0.2 | |
| vmware | player | 5.0 | |
| vmware | player | 5.0.1 | |
| vmware | player | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B439F706-27F8-4238-9396-B460EB78B6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B87CF2A3-422B-4B5C-9E90-382FF6373F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF4A5B6-C3E5-47B4-BC9E-14F544E3393E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "364FBB12-E292-47BB-8D26-CED34232A135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBF8C7B-7034-47B4-B84A-6987EB7B4DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "277B926D-C575-4526-9F0C-A1D6EAF2AA2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors."
},
{
"lang": "es",
"value": "VMware Workstation 9.x antes de 9.0.3 y VMware Player 5.x antes 5.0.3 en Linux no manejan correctamente biblioteca compartida, que permite a los usuarios de host del sistema operativo para obtener privilegios del sistema operativo a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-5972",
"lastModified": "2024-11-21T01:58:31.527",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-18T05:23:57.800",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0013.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-08 22:30
Modified
2024-11-21 00:59
Severity ?
Summary
Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | movie_decoder | 6.5.3 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.2_build_156735 | |
| vmware | workstation | 6.5 | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CE79F3F7-A21A-4CAA-BB0D-2955299EE8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2_build_156735:*:*:*:*:*:*:*",
"matchCriteriaId": "D0075432-4410-41D7-BF36-C3C56A7CA2A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters)."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en el VMnc media codec en VMware Movie Decoder anteriores a v6.5.3 build 185404, VMware Workstation v6.5.x anteriores a v6.5.3 build 185404, VMware Player v2.5.x anteriores a v2.5.3 build 185404, y VMware ACE v2.5.x anteriores a v2.5.3 build 185404 para Windows podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero de video con una dimensi\u00f3n modificada (tambi\u00e9n conocido como par\u00e1metros framebuffer)."
}
],
"id": "CVE-2009-0199",
"lastModified": "2024-11-21T00:59:20.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-08T22:30:00.217",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34938"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-25/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/36290"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-25/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:13
Severity ?
Summary
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk."
},
{
"lang": "es",
"value": "El servicio USB en VMware Workstation v7.0 anterior v7.0.1 build 227600 y VMware Player v3.0 anterior v3.0.1 build 227600 en Windows puede permitir a los usuarios del sistema operativo anfitri\u00f3n obtener privilegios y localizar un toryano en una localizaci\u00f3n no especificada en el disco del SO anfitri\u00f3n."
}
],
"id": "CVE-2010-1140",
"lastModified": "2024-11-21T01:13:44.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T18:30:00.633",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023834"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39397"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:13
Severity ?
Summary
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.0 | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| microsoft | windows | * | |
| vmware | player | 3.0 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| microsoft | windows | * | |
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | ace | 2.5.3 | |
| vmware | ace | 2.6 | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | fusion | 2.0.6 | |
| vmware | fusion | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA2A03-0A31-4290-987A-BE715758BA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E87681DB-CBD8-46A6-BD9A-FB621B627B0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C47EB8-8844-4D49-9246-008F7AE45C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26B7268F-A170-4366-9196-E73A956883DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process."
},
{
"lang": "es",
"value": "La pila de la red virtual en VMware Workstation v7.0 anteriores a v7.0.1 build 227600, VMware Workstation v6.5.x anteriores a v6.5.4 build 246459 en Windows, VMware Player v3.0 anteriores a v3.0.1 build 227600, VMware Player v2.5.x anteriores a v2.5.4 build 246459 en Windows, VMware ACE v2.6 anteriores a v2.6.1 build 227600 y v2.5.x anteriores a v2.5.4 build 246459, VMware Server v2.x, y VMware Fusion v3.0 anteriores a v3.0.1 build 232708 y v2.x anteriores a v2.0.7 build 246742 permite a atacantes remotos obtener informaci\u00f3n sensible de la memoria en el sistema operativo anfitri\u00f3n mediante el examen de los paquetes de red recibidos, relacionado con la interacci\u00f3n entre el sistema operativo invitado y el proceso vmware-vx anfitri\u00f3n."
}
],
"id": "CVE-2010-1138",
"lastModified": "2024-11-21T01:13:43.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T18:30:00.553",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/63607"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39203"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39395"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023836"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/63607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2024-11-21 00:24
Severity ?
Summary
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | * | |
| vmware | ace | * | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| vmware | esx | 2.0.2 | |
| vmware | esx | 2.1.3 | |
| vmware | esx | 2.5.3 | |
| vmware | esx | 2.5.4 | |
| vmware | esx | 3.0.0 | |
| vmware | esx | 3.0.1 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE329FB-74A5-4D8C-B5D5-C6063CAAB479",
"versionEndExcluding": "1.0.3",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310A0A72-A709-407D-A68D-24EF59EEC553",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B87BD440-71B2-4D1C-B22A-A661D01928C0",
"versionEndExcluding": "1.0.5",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35A00737-2932-4877-8E02-1F9534C6FBAE",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02269212-A8EE-4BB2-8C6E-122953AAFB83",
"versionEndExcluding": "1.0.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27920879-1408-4514-BA3F-B31DD69FACA2",
"versionEndExcluding": "5.5.5",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACA1016-EAC5-4210-ABDC-C2499F2841EA",
"versionEndExcluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "796BEFD3-F30A-4397-BC3E-1156DE47CA4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9F768C-5549-4498-8C5D-13BC5046B721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01BB3005-A185-4701-945E-8E14A23A016F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BA6DF4-4D53-482A-8820-B9B0E6EBD51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento inferior de entero en el servidor DHCP de EMC VMware Workstation anterior a 5.5.5 Build 56455 y 5.x anterior a 6.0.1 Build 55017, Player anterior a 1.0.5 Build 56455 y Player 2 anterior a 2.0.1 Build 55017, ACE anterior a 1.0.3 Build 54075 y ACE 2 anterior a 2.0.1 Build 55017, y Server anterior a 1.0.4 Build 56527 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete DHCP mal formado que dispara un desbordamiento de b\u00fafer basado en pila."
}
],
"id": "CVE-2007-0063",
"lastModified": "2024-11-21T00:24:53.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33103"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue is the same as CVE-2007-5365. The affected dhcp versions were fixed via: https://rhn.redhat.com/errata/RHSA-2007-0970.html\n",
"lastModified": "2008-06-03T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:13
Severity ?
Summary
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| linux | linux_kernel | * | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| linux | linux_kernel | * | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | fusion | 2.0.6 | |
| vmware | vix_api | 1.6.0 | |
| vmware | vix_api | 1.6.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C47EB8-8844-4D49-9246-008F7AE45C60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FDEEE1-BC47-4EE6-A56B-C7626D554019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98918409-9F58-4FBC-B5C1-4015B5E3C0FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en vmrun en VMware VIX API v1.6.x, VMware Workstation v6.5.x antes de v6.5.4 build 246459, VMware Player v2.5.x antes de v2.5.4 build 246.459, y VMware Server v2.x en Linux y VMware Fusion v2.x antes de v2.0.7 build 246.742, permite a usuarios locales conseguir privilegios a trav\u00e9s de especificadores de formato de cadenas en los metadatos de proceso."
}
],
"id": "CVE-2010-1139",
"lastModified": "2024-11-21T01:13:44.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T18:30:00.587",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/63606"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39201"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/63606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-21 14:03
Modified
2024-11-21 00:13
Severity ?
Summary
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:infrastructure:3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0E3A11-F411-4653-96ED-05ECE4DCF401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9A9E09-959A-4A99-A25C-09AA4FA646D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.1_build_29996:*:*:*:*:*:*:*",
"matchCriteriaId": "EB051A5C-5F66-4732-949A-48B0FDE4AFF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A348CABB-CD52-4C55-9653-154C75605CD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BA74505A-3550-4646-B2D6-6E6D0924023D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7632C2AE-4B59-4B17-8A6B-C1D05C2824FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC77D81A-12AA-4948-9970-9461289DC648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54A10ABE-E778-4133-B1AA-05FE6829A34A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C2CB97F9-9DF6-4493-A245-F4901F4DD22E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C862131A-64D8-4C2D-815F-19971D63AF00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key."
},
{
"lang": "es",
"value": "vmware-config.pl en VMware for Linux, ESX Server 2.x, y Infrastructure 3 no valida el c\u00f3digo de retorno desde la llamada a la funci\u00f3n Perl chmod, lo cual podr\u00eda permitir un fichero llave SSL sea creado con una umask no segura que permite a usuarios locales leer o modificar la llave SSL."
}
],
"id": "CVE-2006-3589",
"lastModified": "2024-11-21T00:13:57.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-21T14:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kb.vmware.com/kb/2467205"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21120"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23680"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016536"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27418"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440583/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/441082/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19060"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19062"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2880"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.vmware.com/kb/2467205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440583/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/441082/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27881"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-08 22:30
Modified
2024-11-21 01:05
Severity ?
Summary
The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | movie_decoder | 6.5.3 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | workstation | 6.5 | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CE79F3F7-A21A-4CAA-BB0D-2955299EE8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption."
},
{
"lang": "es",
"value": "El codec multimedia VMnc en vmnc.dll en VMware Movie Decoder anterior a v6.5.3 build 185404, VMware Workstation v6.5.x anterior a v6.5.3 build 185404, VMware Player v2.5.x anterior a v2.5.3 build 185404 y VMware ACE v2.5.x anterior a v2.5.3 build 185404 sobre Windows, no maneja adecuadamente determinados tama\u00f1os de altura en el contenido de video, lo que podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo AVI manipulado que provocar\u00eda un corrupci\u00f3n de memoria."
}
],
"id": "CVE-2009-2628",
"lastModified": "2024-11-21T01:05:20.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-08T22:30:00.483",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34938"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/444513"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36290"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/444513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2553"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:13
Severity ?
Summary
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| microsoft | windows | * | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| microsoft | windows | * | |
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | ace | 2.5.3 | |
| microsoft | windows | * | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| microsoft | windows | * | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | fusion | 3.0 | |
| microsoft | windows | * | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| microsoft | windows | * | |
| vmware | esx | 2.5.5 | |
| vmware | esx | 3.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA2A03-0A31-4290-987A-BE715758BA95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26B7268F-A170-4366-9196-E73A956883DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B037838B-072E-4676-9E5D-86F5BC207512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share."
},
{
"lang": "es",
"value": "VMware Tools en VMware Workstation v6.5.x before v6.5.4 build v246459; VMware Player v2.5.x anterior a v2.5.4 build 246459; VMware ACE v2.5.x anterior a v2.5.4 build 246459; VMware Server v2.x anterior a v2.0.2 build 203138; VMware Fusion v2.x anterior a v2.0.6 build 246742; VMware ESXi v3.5 y v4.0; y VMware ESX 2.5.5, 3.0.3, 3.5, y 4.0 no accede adecuadamente a las bibliotecas de acceso, lo cual permite a atacantes remotos ayudados por usuarios ejecutar c\u00f3digo a su elecci\u00f3n al enga\u00f1ar a un usuario en un cliente Windows OS a hacer clic en un archivo que se almacena en un recurso compartido de red."
}
],
"id": "CVE-2010-1141",
"lastModified": "2024-11-21T01:13:44.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-12T18:30:00.663",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39198"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7020"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-18 14:59
Modified
2024-11-21 02:47
Severity ?
Summary
VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows | * | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | player | 7.1.1 | |
| vmware | player | 7.1.2 | |
| microsoft | windows | * | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 | |
| vmware | workstation | 11.1.1 | |
| vmware | workstation | 11.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78016ED4-AEA7-4E54-8986-E997000CD646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7D0356-0C56-413C-B626-B3DF8275F53D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E33E15C-62ED-4E24-AB00-0632C8A90C6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C761DD95-A3CC-4998-B2F2-93F429BDF250",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors."
},
{
"lang": "es",
"value": "VMware Workstation 11.x en versiones anteriores a 11.1.3 y VMwaere Player 7.x en versiones anteriores a 7.1.3 en Windows acceden incorrectamente a un archivo ejecutable, lo que permite a los usuarios del SO anfitri\u00f3n obtener los privilegios del anfitri\u00f3n del sistema operativo a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-2077",
"lastModified": "2024-11-21T02:47:45.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-18T14:59:04.427",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035900"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0005.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, y VMware Server versiones anteriores a 1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, y CVE-2008-3696."
}
],
"id": "CVE-2008-3692",
"lastModified": "2024-11-21T00:49:53.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-06-06 19:55
Modified
2024-11-21 01:27
Severity ?
Summary
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esx | 3.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| vmware | player | 3.1.3 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | workstation | 7.1.3 | |
| freebsd | freebsd | * | |
| oracle | solaris | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C9E205-87EE-4CE2-A252-DED7BB6D4EAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA72ED8-3229-4220-BE75-712CA6E21062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05924C67-F9A0-450E-A5B8-059651DD32E3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a \"procedural error.\""
},
{
"lang": "es",
"value": "mount.vmhgfs en el Host Guest File System (HGFS) de VMware en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Player versiones 3.1.x anteriores a 3.1.4, VMware Fusion versiones 3.1.x anteriores a 3.1.3, VMware ESXi versiones 3.5 hasta 4.1, y VMware ESX versiones 3.0.3 hasta 4.1, cuando es utilizado un Sistema Operativo invitado de Solaris o FreeBSD, permite a los usuarios del sistema operativo invitado modificar archivos del sistema operativo invitado arbitrarios por medio de vectores no especificados, relacionados con un \"procedural error\"."
}
],
"id": "CVE-2011-2145",
"lastModified": "2024-11-21T01:27:41.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-06-06T19:55:02.833",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44840"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44904"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67815"
},
{
"source": "cve@mitre.org",
"url": "https://hermes.opensuse.org/messages/8711677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2024-11-21 00:24
Severity ?
Summary
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0.3 | |
| vmware | ace | 2.0 | |
| vmware | player | 1.0.4 | |
| vmware | player | 2.0 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | workstation | 3.4 | |
| vmware | workstation | 4.0 | |
| vmware | workstation | 4.0.1 | |
| vmware | workstation | 4.0.2 | |
| vmware | workstation | 4.5.2 | |
| vmware | workstation | 5.5.0_build_13124 | |
| vmware | workstation | 5.5.1 | |
| vmware | workstation | 5.5.1_build_19175 | |
| vmware | workstation | 5.5.3_build_34685 | |
| vmware | workstation | 5.5.3_build_42958 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 5.5.4_build_44386 | |
| vmware | workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*",
"matchCriteriaId": "B4BCB22F-7B9A-493B-AE19-18D0C15EA778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*",
"matchCriteriaId": "33D6D4DD-13D2-4EA0-A7D7-367C3809ABAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients."
},
{
"lang": "es",
"value": "Un desbordamiento enteros en el dhcpd ISC versi\u00f3n 3.0.x anterior a 3.0.7 y versi\u00f3n 3.1.x anterior a 3.1.1; y el servidor DHCP en EMC VMware Workstation anterior a versi\u00f3n 5.5.5 Build 56455 y versi\u00f3n 6.x anterior a 6.0.1 Build 55017, Player anterior a versi\u00f3n 1.0.5 Build 56455 y Player 2 anterior a versi\u00f3n 2.0.1 Build 55017, ACE anterior a versi\u00f3n 1.0.3 Build 54075 y ACE 2 anterior a versi\u00f3n 2.0.1 Build 55017, y Server versi\u00f3n 1.0.4 56528; permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) o ejecutar c\u00f3digo arbitrario por medio de un paquete DHCP con formato inapropiado con un gran tama\u00f1o de mensaje m\u00e1ximo dhcp que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria, relacionado con servidores configurados para enviar muchas opciones DHCP a clientes."
}
],
"id": "CVE-2007-0062",
"lastModified": "2024-11-21T00:24:52.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31396"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34263"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018717"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=227135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200808-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/501759/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=339561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33102"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The Red Hat Security Response Team has rated this issue as having low security impact. The risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1, 3, 4, or 5:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-0062\n",
"lastModified": "2008-06-03T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-06 15:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1A5C22-A89A-4B6B-9108-8C3678BBBC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3_build_54075:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B6602F-EF25-4E20-B4AA-955C026F7AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87291B27-442C-4CAB-94A1-67FC766486EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B04862-4377-422E-931A-B17FE1CA1884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B6730-F05B-4B62-B4DE-07C61A4924F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D22E40D-C362-49FD-924C-262A64555934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1_build_55017:*:*:*:*:*:*:*",
"matchCriteriaId": "9D438AB9-825C-4A9B-A3FF-55F2E5743B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A48CEB4-5864-4A0F-B14C-CFE4699C3311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78957047-FB9F-4D1D-B3D9-91257A6B4D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A04DB52-C66C-4AA9-9D6F-9D2DC202C5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280033C5-90EF-4825-A87D-B23650D8C71A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBF029A-103D-4BB6-B037-25EC2224DF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C4D90-3697-4F3F-8FFF-FE63F3AD0DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35A717A5-60C2-4470-943E-CA53781D4B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8FBC02-7F2F-4AEF-A5A3-E283D192937C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29AA2B37-BF5F-4AC5-844D-34CF56EC621C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "07131E56-53EE-4CE1-A135-050792EA3C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86334051-8763-4CD9-9480-CAEAE756DFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66596F04-9C2E-4091-85A7-40239F3F920E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E831531-60FE-4DFC-994E-7409E6C69D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4C1A275E-2152-4A37-8CFE-34E8900E3426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1_build_5289:*:*:*:*:*:*:*",
"matchCriteriaId": "25F1481E-A07D-4913-BCF3-630561F0FBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2_build_8848:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8F9694-8556-4990-A867-592D6A927498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2_build_8848:r4:*:*:*:*:*:*",
"matchCriteriaId": "0C605123-69F9-44AC-A17E-3C728059E628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5:*:*:*:*:*:*:*",
"matchCriteriaId": "37595A89-52C5-4699-A463-C9D91B91716B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.0.0_build_13124:*:*:*:*:*:*:*",
"matchCriteriaId": "41B54C61-FB19-4900-A635-2F6B63BEC88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.0_build_13124:*:*:*:*:*:*:*",
"matchCriteriaId": "B4BCB22F-7B9A-493B-AE19-18D0C15EA778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1_build_19175:*:*:*:*:*:*:*",
"matchCriteriaId": "33D6D4DD-13D2-4EA0-A7D7-367C3809ABAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF51A7F-59DA-4F64-A4F7-3A250C950D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:42958:*:*:*:*:*:*",
"matchCriteriaId": "559D2177-ECB9-4AFF-A8B4-BCB47A1B4637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D75ED54E-8E55-48BF-A52E-19FCCE895C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.5_build_56455:*:*:*:*:*:*:*",
"matchCriteriaId": "B27D214D-2BEF-4445-802A-5E02E9E5E5CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B53297E3-0C74-421B-8058-DAF7357D421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDEFCEF-F943-449B-91D8-A8CB290C7AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "97957D6F-0249-4814-8755-5C4537B58E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4408849A-21F1-40F5-A528-0BD47E1BF823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.1_build_55017:*:*:*:*:*:*:*",
"matchCriteriaId": "0692E537-A36E-470B-BECE-A17D531B925C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9938CB4F-96D1-4852-9694-28A93E13AA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB61760-87FD-4E60-ADC6-407EFA13773C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBDE6D5-7131-421A-BABE-32F281615597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA4FEF-FF8F-4706-89BC-8396F7614EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAC68CA-DCA3-4399-807D-E7AC67C9C3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA35C066-90A9-4DE2-A97A-38A6CFC59A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "462EEAD5-A78C-4381-847E-B6F1BE4CB379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E666A5E4-4CDD-4915-B0F3-C63998D01846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3F9D4D-2116-49A7-9292-AF6B4456E175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EAA90-B24A-45E7-B99F-DA3554A16F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "446F2959-C42B-403B-AE1C-BA7D305C60CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el archivo vmci.sys en la Virtual Machine Communication Interface (VMCI) en VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE 2.5.1 y anteriores, y VMware Server v2.0.x anteriores a v2.0.1 build 156745 permite a los usuarios locales obtener privilegios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2009-1147",
"lastModified": "2024-11-21T01:01:46.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-06T15:30:04.437",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021976"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5471"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-14 12:30
Modified
2024-11-21 01:44
Severity ?
Summary
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | 4.0 | |
| vmware | player | 4.0.0.18997 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
| vmware | player | 4.0.4 | |
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | workstation | 8.0.4 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "81AFBBE6-0B3B-44DB-BBEB-08C8B2C39038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FD2D7-9928-437B-8988-4FC955DE4F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2932689-76D4-4907-9CF9-AD8F6B801579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4944D9B1-A48B-4F32-951E-BEC3FEAC45FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application."
},
{
"lang": "es",
"value": "VMware Workstation v8.x antes de v8.0.5 y VMware Player v4.x antes de v4.0.5 en Windows utiliza permisos d\u00e9biles para hilos de proceso no especificados, lo que permite a los usuarios del sistema operativo de host para obtener privilegios del sistema operativo de host a trav\u00e9s de una aplicaci\u00f3n dise\u00f1ada."
}
],
"id": "CVE-2012-5458",
"lastModified": "2024-11-21T01:44:42.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-14T12:30:59.757",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/87118"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/56469"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/87118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79924"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-13 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | 3.2.0 | |
| vmware | horizon_client | 3.3 | |
| vmware | horizon_view_client | 5.4 | |
| vmware | horizon_view_client | 5.4.1 | |
| microsoft | windows | * | |
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 6.0.5 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.0.1 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | workstation | 10.0.5 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BA06B-60FB-456B-A4BF-401F82E88BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F0EB9C-6734-4A8E-84FA-E618B2FC5942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E82AFF09-F9F6-486B-9299-3852EBD9B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9391EA21-2A10-445A-B88A-103025C9A343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "85A09E65-9C4C-42FD-A1B0-E925A905875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF002E-10E1-4405-8C55-BD91AD45B891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71B0563B-F300-448D-8450-9B7B862F4560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338."
},
{
"lang": "es",
"value": "TPview.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado causar una denegaci\u00f3n de servicio del sistema operativo anfitri\u00f3n a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2015-2338."
}
],
"id": "CVE-2015-2339",
"lastModified": "2024-11-21T02:27:15.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-13T14:59:02.873",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-04 16:55
Modified
2024-11-21 01:39
Severity ?
Summary
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.2 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | fusion | 4.0 | |
| vmware | fusion | 4.0.1 | |
| vmware | fusion | 4.0.2 | |
| vmware | fusion | 4.1 | |
| vmware | fusion | 4.1.1 | |
| vmware | fusion | 4.1.2 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60234129-7F7F-49FA-A425-CDAB4D09AB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB73EC4-F3CE-428B-BA40-47FB21181543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "927863C2-5A61-4137-83AC-6CF3F2958941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4870DAA2-6670-47EF-BF74-6E39B92E75DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70C64B80-4928-4ABA-AF4E-1977C252BAEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*",
"matchCriteriaId": "58ED8AB4-0FDF-4752-B44E-56F58593CE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "37A5D726-3D38-44D5-B509-1B8B003903A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "A4DA3B20-A743-4F37-A095-65161FFBEB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "FF7C3C65-BE63-407E-9CFD-E571025C3E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS."
},
{
"lang": "es",
"value": "VMware Workstation v8.x antes de v8.0.3, VMware Player v4.x antes de v4.0.3, VMware Fusion v4.x hasta v4.1.2, VMware ESXi v3.5 hasta v5.0 y VMware ESX v3.5 hasta v4.1 no configura correctamente el dispositivo de disco virtual, lo que permite a los usuarios invitados del sistema operativo causar una denegaci\u00f3n de servicio (operaci\u00f3n de escritura fuera de los l\u00edmites y la ca\u00edda del proceso VMX) o posiblemente ejecutar c\u00f3digo arbitrario en el sistema operativo anfitri\u00f3n mediante el aprovechamiento de privilegios de administrador en el sistema operativo invitado."
}
],
"id": "CVE-2012-2449",
"lastModified": "2024-11-21T01:39:07.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-04T16:55:01.543",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/81694"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/49032"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53369"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027019"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75376"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:08
Severity ?
Summary
Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2579A3BF-B7C0-4052-8D6A-31E872ECD2B6",
"versionEndExcluding": "2.5.4",
"versionStartIncluding": "2.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E87681DB-CBD8-46A6-BD9A-FB621B627B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B66157E4-285D-4975-BED8-9A52326F2100",
"versionEndExcluding": "2.5.4",
"versionStartIncluding": "2.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9554F5-950A-422F-BC26-80C1BCCDD792",
"versionEndIncluding": "2.0.2",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "662DDDC1-E5A9-4D11-BC2E-66E05FBEB5AB",
"versionEndExcluding": "6.5.4",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en vmware-vmrc.exe build 158248 en VMware Remote Console (tambi\u00e9n conocido como VMrc) permite a atacantes remotos jcutar codigo arbitrario a trav\u00e9s de vectores inespec\u00edficos."
}
],
"id": "CVE-2009-3732",
"lastModified": "2024-11-21T01:08:04.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T18:30:00.460",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/39110"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/39110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0 | |
| vmware | ace | 1.0.1 | |
| vmware | ace | 1.0.2 | |
| vmware | ace | 1.0.3 | |
| vmware | ace | 1.0.4 | |
| vmware | ace | 2.0 | |
| vmware | player | 1.0.2 | |
| vmware | player | 1.0.3 | |
| vmware | player | 1.0.4 | |
| vmware | player | 1.0.5 | |
| vmware | player | 2.0 | |
| vmware | player | 2.0.1 | |
| vmware | player | 2.0.2 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_server | 1.0.0 | |
| vmware | vmware_server | 1.0.1 | |
| vmware | vmware_server | 1.0.2 | |
| vmware | vmware_server | 1.0.3 | |
| vmware | vmware_server | 1.0.4 | |
| vmware | vmware_workstation | 5.5.5 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | vmware_workstation | 6.0.2 | |
| vmware | workstation | 5.5 | |
| vmware | workstation | 5.5.3_build_34685 | |
| vmware | workstation | 5.5.3_build_42958 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 5.5.4_build_44386 | |
| vmware | workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0CA04700-CF35-43CA-AD4E-BB93E206FDD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362."
},
{
"lang": "es",
"value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios mediante una manipulaci\u00f3n no espec\u00edfica que causa que el proceso authd conecte con un nombre de tuber\u00eda de su elecci\u00f3n, siendo una vulnerabilidad diferente que CVE-2008-1362."
}
],
"id": "CVE-2008-1361",
"lastModified": "2024-11-21T00:44:22.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019621"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41257"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-10 17:59
Modified
2024-11-21 02:29
Severity ?
Summary
vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | 5.0 | |
| vmware | player | 5.0.1 | |
| vmware | player | 5.0.2 | |
| vmware | player | 5.0.3 | |
| vmware | player | 5.0.4 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | player | 6.0.6 | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | workstation | 10.0.5 | |
| vmware | workstation | 10.0.6 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 | |
| vmware | horizon_view_client | 5.4 | |
| vmware | horizon_view_client | 5.4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "364FBB12-E292-47BB-8D26-CED34232A135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBF8C7B-7034-47B4-B84A-6987EB7B4DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "277B926D-C575-4526-9F0C-A1D6EAF2AA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "77E6EAA1-4828-4B94-931F-B92C54FD97D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C766686C-0EAE-4E7A-A5F2-F93A57991A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF03B6D-2A6D-4A99-BAE1-308CA1CAE633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71B0563B-F300-448D-8450-9B7B862F4560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CED170BC-88E4-44D9-A4C5-A2A190283985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E82AFF09-F9F6-486B-9299-3852EBD9B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9391EA21-2A10-445A-B88A-103025C9A343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmware-vmx.exe in VMware Workstation 7.x through 10.x before 10.0.7 and 11.x before 11.1.1, VMware Player 5.x and 6.x before 6.0.7 and 7.x before 7.1.1, and VMware Horizon Client 5.x local-mode before 5.4.2 on Windows does not provide a valid DACL pointer during the setup of the vprintproxy.exe process, which allows host OS users to gain host OS privileges by injecting a thread."
},
{
"lang": "es",
"value": "Vmware-vmx.exe en VMware Workstation 7.x hasta 10.x anterior a 10.0.7 y 11.xanterior a 11.1.1, VMware Player 5.x y 6.x anterior a 6.0.7 y 7.x anterior a 7.1.1, y VMware Horizont Client hasta la versi\u00f3n 5.4.2 en Windows. No proporciona un puntero DACL v\u00e1lido durante la instalaci\u00f3n del proceso vprintproxy.exe, por lo que permite a los usuarios del sistema operativo obtener privilegios del sistema mediante la inyecci\u00f3n de un hilo."
}
],
"id": "CVE-2015-3650",
"lastModified": "2024-11-21T02:29:34.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-10T17:59:01.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032822"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032823"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0005.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.nettitude.co.uk/vmware-multiple-products-privilege-escalation/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-06-06 19:55
Modified
2024-11-21 01:27
Severity ?
Summary
Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | workstation | 7.1.3 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| vmware | player | 3.1.3 | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| vmware | esx | 3.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA72ED8-3229-4220-BE75-712CA6E21062",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C9E205-87EE-4CE2-A252-DED7BB6D4EAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory."
},
{
"lang": "es",
"value": "Una Condici\u00f3n de carrera en mount.vmhgfs en VMware Host Guest File System (HGFS) en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Player versiones 3.1.x anteriores a 3.1.4, VMware Fusion versiones 3.1.x anteriores a 3.1.3, VMware ESXi versiones 3.5 hasta 4.1, y VMware ESX versiones 3.0.3 hasta 4.1, permite a los usuarios del Sistema Operativo invitado alcanzar privilegios en el Sistema Operativo Invitado al montar un sistema de archivos sobre un directorio arbitrario."
}
],
"id": "CVE-2011-1787",
"lastModified": "2024-11-21T01:27:03.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-06-06T19:55:01.987",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44840"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44904"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"source": "cve@mitre.org",
"url": "https://hermes.opensuse.org/messages/8711677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-30 18:30
Modified
2024-11-21 01:13
Severity ?
Summary
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libpng | libpng | * | |
| libpng | libpng | * | |
| chrome | * | ||
| apple | itunes | * | |
| apple | safari | * | |
| apple | iphone_os | * | |
| apple | mac_os_x | * | |
| apple | mac_os_x_server | * | |
| fedoraproject | fedora | 12 | |
| fedoraproject | fedora | 13 | |
| opensuse | opensuse | 11.1 | |
| opensuse | opensuse | 11.2 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| canonical | ubuntu_linux | 10.04 | |
| debian | debian_linux | 5.0 | |
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| mozilla | thunderbird | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7768B8-2319-4AAF-B38E-A3B21A37B0FE",
"versionEndExcluding": "1.2.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13C02A4C-7A19-4F0D-A192-C031833576D6",
"versionEndExcluding": "1.4.3",
"versionStartIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0EC41A-6188-4918-864D-A30F4C011707",
"versionEndExcluding": "5.0.375.99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE850901-4B2A-4C98-836A-40683CB02FB4",
"versionEndExcluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57A2B591-583F-4644-A900-4890FEFEE18C",
"versionEndExcluding": "5.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D97C1BD-57D8-4131-B437-6BA9F41C8F50",
"versionEndIncluding": "4.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25512493-BB20-46B2-B40A-74E67F0797B6",
"versionEndExcluding": "10.6.4",
"versionStartIncluding": "10.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7461BE-1CAC-46D6-95E6-1B2DFC5A4CCF",
"versionEndExcluding": "10.6.4",
"versionStartIncluding": "10.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
"matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*",
"matchCriteriaId": "25CBACD3-AFB7-410D-927F-0C1FF477D396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
"matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "926563F5-E868-4E88-A1F8-B29624FB2438",
"versionEndExcluding": "2.5.5",
"versionStartIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F01F27AB-A8F6-455B-9495-821520435771",
"versionEndExcluding": "3.1.2",
"versionStartIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "894BC4D6-EBB6-4743-A860-170D7D31196A",
"versionEndExcluding": "6.5.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D23900B-C027-44C5-B912-9F7F71C7EBD1",
"versionEndExcluding": "7.1.2",
"versionStartIncluding": "7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "C0507E91-567A-41D6-A7E5-5088A39F75FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "016DCEE3-2209-4494-A1F8-58422056B29D",
"versionEndExcluding": "3.5.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDD9439-D312-4AB2-87E6-2E2154F191C1",
"versionEndExcluding": "3.6.7",
"versionStartIncluding": "3.5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAC42ED-38D9-4D2F-945E-B19F267B36FB",
"versionEndExcluding": "2.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C49B7B3C-9F1D-4260-B07A-1B7B8ACE04FD",
"versionEndExcluding": "3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76D0ADB0-B60C-4108-AA8A-49766BEC6C01",
"versionEndExcluding": "3.1.1",
"versionStartIncluding": "3.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales."
}
],
"id": "CVE-2010-1205",
"lastModified": "2024-11-21T01:13:52.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2010-06-30T18:30:01.333",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://blackberry.com/btsc/KB27244"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"source": "cve@mitre.org",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40302"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40336"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40472"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40547"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41574"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42314"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42317"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://trac.webkit.org/changeset/61816"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blackberry.com/btsc/KB27244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=45983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://trac.webkit.org/changeset/61816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://bugs.webkit.org/show_bug.cgi?id=40798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=570451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-06-06 19:55
Modified
2024-11-21 01:27
Severity ?
Summary
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | workstation | 7.1.3 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| vmware | player | 3.1.3 | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| vmware | esx | 3.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA72ED8-3229-4220-BE75-712CA6E21062",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C9E205-87EE-4CE2-A252-DED7BB6D4EAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors."
},
{
"lang": "es",
"value": "mount.vmhgfs en Host Guest File System (HGFS) de VMware en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Player versiones 3.1.x anteriores a 3.1.4, VMware Fusion versiones 3.1.x anteriores a 3.1.3, VMware ESXi versiones 3.5 hasta 4.1, y VMware ESX versiones 3.0.3 hasta 4.1, permite a los usuarios del Sistema Operativo invitado determinar la existencia de archivos y directorios del sistema operativo host por medio de vectores no especificados."
}
],
"id": "CVE-2011-2146",
"lastModified": "2024-11-21T01:27:41.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-06-06T19:55:02.863",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44840"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44904"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67813"
},
{
"source": "cve@mitre.org",
"url": "https://hermes.opensuse.org/messages/8711677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://hermes.opensuse.org/messages/8711677"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-07 20:55
Modified
2024-11-21 01:31
Severity ?
Summary
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | workstation | 7.1.3 | |
| vmware | workstation | 7.1.4 | |
| vmware | player | 3.0 | |
| vmware | player | 3.0.1 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| vmware | player | 3.1.3 | |
| vmware | player | 3.1.4 | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| vmware | ams | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8C76F3-05B5-43EA-AE70-A026AC6001DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA72ED8-3229-4220-BE75-712CA6E21062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "57E06DA2-CB18-45E6-9F88-B3B6E0507816",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ams:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD09C110-3A8B-41F1-B113-854A914DB263",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image."
},
{
"lang": "es",
"value": "Desbordamiento de bufer en VMware Workstation 7.x anterior a v7.1.5, VMware Player v3.x anterior a v3.1.5, VMware Fusion v3.1.x anterior v3.1.3, y VMware AMS permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un systema de ficheros manipulado UDF en una imagen ISO"
}
],
"id": "CVE-2011-3868",
"lastModified": "2024-11-21T01:31:26.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-07T20:55:01.253",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/76060"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46241"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/49942"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026139"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/76060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520005/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0011.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
},
{
"lang": "es",
"value": "Vulnerabilidad no espeficada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, y VMware Server before 1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3692, CVE-2008-3694, CVE-2008-3695, y CVE-2008-3696."
}
],
"id": "CVE-2008-3693",
"lastModified": "2024-11-21T00:49:53.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0 | |
| vmware | ace | 2.0 | |
| vmware | player | 1.0.2 | |
| vmware | player | 1.0.3 | |
| vmware | player | 1.0.4 | |
| vmware | player | 1.0.5 | |
| vmware | player | 2.0 | |
| vmware | player | 2.0.1 | |
| vmware | player | 2.0.2 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_server | 1.0.2 | |
| vmware | vmware_server | 1.0.4 | |
| vmware | vmware_workstation | 5.5.5 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | vmware_workstation | 6.0.2 | |
| vmware | workstation | 5.5 | |
| vmware | workstation | 5.5.3_build_34685 | |
| vmware | workstation | 5.5.3_build_42958 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 5.5.4_build_44386 | |
| vmware | workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."
},
{
"lang": "es",
"value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios o provocar una denegaci\u00f3n de servicio utilizando la suplantaci\u00f3n del proceso authd a trav\u00e9s de un uso no especificado de una \"tuber\u00eda de nombres creada de forma no segura\", siendo una vulnerabilidad diferente que CVE-2008-1361."
}
],
"id": "CVE-2008-1362",
"lastModified": "2024-11-21T00:44:22.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019621"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0 | |
| vmware | ace | 2.0 | |
| vmware | player | 1.0.2 | |
| vmware | player | 1.0.3 | |
| vmware | player | 1.0.4 | |
| vmware | player | 1.0.5 | |
| vmware | player | 2.0 | |
| vmware | player | 2.0.1 | |
| vmware | player | 2.0.2 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_server | 1.0.2 | |
| vmware | vmware_server | 1.0.4 | |
| vmware | vmware_workstation | 5.5.5 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | vmware_workstation | 6.0.2 | |
| vmware | workstation | 5.5 | |
| vmware | workstation | 5.5.3_build_34685 | |
| vmware | workstation | 5.5.3_build_42958 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 5.5.4_build_44386 | |
| vmware | workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*",
"matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger \"memory exhaustion and memory corruption.\""
},
{
"lang": "es",
"value": "Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema operativo del servidor) mediante llamadas VMCI especialmente construidas que provocan el agotamiento y la corrupci\u00f3n de la memoria."
}
],
"id": "CVE-2008-1340",
"lastModified": "2024-11-21T00:44:18.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019624"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41250"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2024-11-21 00:24
Severity ?
Summary
The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | * | |
| vmware | ace | * | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| vmware | esx | 2.0.2 | |
| vmware | esx | 2.1.3 | |
| vmware | esx | 2.5.3 | |
| vmware | esx | 2.5.4 | |
| vmware | esx | 3.0.0 | |
| vmware | esx | 3.0.1 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE329FB-74A5-4D8C-B5D5-C6063CAAB479",
"versionEndExcluding": "1.0.3",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310A0A72-A709-407D-A68D-24EF59EEC553",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B87BD440-71B2-4D1C-B22A-A661D01928C0",
"versionEndExcluding": "1.0.5",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35A00737-2932-4877-8E02-1F9534C6FBAE",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02269212-A8EE-4BB2-8C6E-122953AAFB83",
"versionEndExcluding": "1.0.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27920879-1408-4514-BA3F-B31DD69FACA2",
"versionEndExcluding": "5.5.5",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACA1016-EAC5-4210-ABDC-C2499F2841EA",
"versionEndExcluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "796BEFD3-F30A-4397-BC3E-1156DE47CA4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9F768C-5549-4498-8C5D-13BC5046B721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01BB3005-A185-4701-945E-8E14A23A016F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BA6DF4-4D53-482A-8820-B9B0E6EBD51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers \"corrupt stack memory.\""
},
{
"lang": "es",
"value": "El servidor DHCP en EMC VMware Workstation anterior a 5.5.5 construcci\u00f3n 56455 y 6.x anterior a 6.0.1 construcci\u00f3n 55017, Player anterior a 1.0.5 construcci\u00f3n 56455 y Player 2 anterior a2.0.1 construcci\u00f3n 55017, ACE anterior a1.0.3 construcci\u00f3n 54075 y ACE 2 anterior a2.0.1 construcci\u00f3n 55017, y Server anterior a 1.0.4 construcci\u00f3n 56528 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3na trav\u00e9s de un paquete malformado que dispara \"corrupci\u00f3n de memoria basado en pila\"."
}
],
"id": "CVE-2007-0061",
"lastModified": "2024-11-21T00:24:52.690",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.iss.net/threats/275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33101"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\n",
"lastModified": "2008-06-03T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-04 18:56
Modified
2024-11-21 01:53
Severity ?
Summary
lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.1 | |
| vmware | workstation | 9.0 | |
| vmware | workstation | 9.0.1 | |
| vmware | workstation | 9.0.2 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 | |
| vmware | player | 5.0 | |
| vmware | player | 5.0.1 | |
| vmware | player | 5.0.2 | |
| vmware | fusion | 5.0 | |
| vmware | fusion | 5.0.1 | |
| vmware | fusion | 5.0.2 | |
| vmware | fusion | 5.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B439F706-27F8-4238-9396-B460EB78B6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B87CF2A3-422B-4B5C-9E90-382FF6373F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF4A5B6-C3E5-47B4-BC9E-14F544E3393E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "364FBB12-E292-47BB-8D26-CED34232A135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBF8C7B-7034-47B4-B84A-6987EB7B4DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "277B926D-C575-4526-9F0C-A1D6EAF2AA2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EEF165A-4E09-4FF0-A577-FF429BCCF588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC22BC2-DC74-4322-929C-7F82C083C1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8954CF-E90D-4C6C-ACCE-4A2B24B7BB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF942219-A2F4-4ABC-8356-3626A9898075",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation."
},
{
"lang": "es",
"value": "Igtosync.sys en VMware Workstation 9.x anteriores a 9.0.3 y VMware Player 5.x anteriores a 5.0.3, VMware Fusion 5.x anteriores a 5.0.4, VMware ESXi 4.0 hasta 5.1, y VMware ESX 4.0 y 4.1, cuando se utiliza un Windows 32-bit invitado, permite a usuarios de los sistemas operativos invitados ganar privilegios del sistema operativo invitado a trav\u00e9s de una aplicaci\u00f3n que ejecuta una reserva de memoria manipulada."
}
],
"id": "CVE-2013-3519",
"lastModified": "2024-11-21T01:53:48.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-04T18:56:56.413",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0014.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:02
Severity ?
Summary
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | movie_decoder | 6.5.3 | |
| microsoft | windows | * | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CE79F3F7-A21A-4CAA-BB0D-2955299EE8E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en vmnc.dll en VMnc media codec en VMware Movie Decoder anterior a v6.5.4 build 246459 en Windows, y el descodificador de cine en VMware Workstation v6.5.x anterior a v6.5.4 build 246459, VMware Player v2.5.x anterior a v2.5.4 build 246459, y VMware Server v2.x en Windows, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n mediante un archivo AVI con trozos de v\u00eddeo manipulados que utilizan la codificaci\u00f3n HexTile."
}
],
"id": "CVE-2009-1564",
"lastModified": "2024-11-21T01:02:47.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-12T18:30:00.350",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/63614"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36712"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/39363"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1023838"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/63614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-36/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-04 16:55
Modified
2024-11-21 01:39
Severity ?
Summary
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.2 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | fusion | 4.0 | |
| vmware | fusion | 4.0.1 | |
| vmware | fusion | 4.0.2 | |
| vmware | fusion | 4.1 | |
| vmware | fusion | 4.1.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60234129-7F7F-49FA-A425-CDAB4D09AB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB73EC4-F3CE-428B-BA40-47FB21181543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "927863C2-5A61-4137-83AC-6CF3F2958941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4870DAA2-6670-47EF-BF74-6E39B92E75DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*",
"matchCriteriaId": "58ED8AB4-0FDF-4752-B44E-56F58593CE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "37A5D726-3D38-44D5-B509-1B8B003903A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "A4DA3B20-A743-4F37-A095-65161FFBEB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "FF7C3C65-BE63-407E-9CFD-E571025C3E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS."
},
{
"lang": "es",
"value": "VMware Workstation v8.x antes de v8.0.3, VMware Player v4.x antes de v4.0.3 VMware Fusion v4.x, antes de v4.1.2, VMware ESXi v3.5 hasta v5.0 y VMware ESX v3.5 hasta v4.1 no registra correctamente los dispositivos SCSI, lo que permite a los usuarios invitados del sistema operativo causar una denegaci\u00f3n de servicio (operaci\u00f3n de escritura no v\u00e1lida y ca\u00edda del proceso VMX) o posiblemente ejecutar c\u00f3digo arbitrario en el sistema operativo anfitri\u00f3n mediante el aprovechamiento de privilegios de administrador en el sistema operativo invitado."
}
],
"id": "CVE-2012-2450",
"lastModified": "2024-11-21T01:39:07.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-04T16:55:01.577",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/81695"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/49032"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53369"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027019"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75377"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 on Windows allows local host OS users to gain privileges on the host OS via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la funci\u00f3n OpenProcess de VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, and VMware Server versiones anteriores a 1.0.7 build 108231 en Windows permite a usuarios locales del SO anfitri\u00f3n conseguir privilegios en el SO anfitri\u00f3n a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2008-3698",
"lastModified": "2024-11-21T00:49:54.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1020790"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30936"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1020790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44795"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:02
Severity ?
Summary
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | movie_decoder | 6.5.3 | |
| microsoft | windows | * | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CE79F3F7-A21A-4CAA-BB0D-2955299EE8E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to \"integer truncation errors.\""
},
{
"lang": "es",
"value": "vmnc.dll en el codec multimedia VMnc anteriores a v6.5.4 Build 246459 en Windows, y el decodificados de video en VMware Workstation v6.5.x anteriores a v6.5.4 build 246459, VMware Player v2.5.x anteriores a v2.5.4 build 246459, y VMware Server v2.x en Windows, permite a atacantes remotos ejecutar c\u00f3digo de forma arbitraria a traves de un fichero avi con trozos de v\u00eddeo codificado HexTile manipulado lo que inicia un desbordamiento de b\u00fafer de memoria din\u00e1mica, relacionado con los errores de truncado de entero."
}
],
"id": "CVE-2009-1565",
"lastModified": "2024-11-21T01:02:47.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-12T18:30:00.383",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36712"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.osvdb.org/63615"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/39364"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1023838"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2009-37/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/63615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-10-16 16:30
Modified
2024-11-21 01:08
Severity ?
Summary
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | ace | 2.5.3 | |
| vmware | ace | 2.5.4 | |
| vmware | ace | 2.6 | |
| vmware | ace | 2.6.1 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| vmware | player | 2.5.4 | |
| vmware | player | 3.0 | |
| vmware | player | 3.0.1 | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | workstation | 6.5.4 | |
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA2A03-0A31-4290-987A-BE715758BA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB84B42-8C68-4B65-93F9-287B699B7540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E87681DB-CBD8-46A6-BD9A-FB621B627B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3997440A-B731-4F26-A90B-BB14A8F93E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "656039E8-8082-4208-B046-518D95769B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3684F0D0-B8BE-442B-AA27-0A485E6BFFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \\x25\\xFF sequence in the USER and PASS commands, related to a \"format string DoS\" issue. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "VMware Authentication Daemon versi\u00f3n 1.0 en el archivo vmware-authd.exe en el Servicio de Autorizaci\u00f3n de VMware en VMware Workstation versiones 7.0 anteriores a 7.0.1 build 227600 y versiones 6.5.x anteriores a 6.5.4 build 246459, VMware Player versiones 3.0 anteriores a 3.0.1 build 227600 y versiones 2.5.x anteriores a 2.5.4 build 246459, VMware ACE versiones 2.6 anteriores a 2.6.1 build 227600 y versiones 2.5.x anteriores a 2.5.4 build 246459, y VMware Server versiones 2.x, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del proceso) por medio de una secuencia de \\x25\\xFF en los comandos USER y PASS, relacionada con un problema de \"format string DoS\". NOTA: algunos de estos datos fueron obtenidos de la informaci\u00f3n de terceros."
}
],
"id": "CVE-2009-3707",
"lastModified": "2024-11-21T01:08:00.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-10-16T16:30:00.907",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36988"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39215"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1022997"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36630"
},
{
"source": "cve@mitre.org",
"tags": [
"URL Repurposed"
],
"url": "http://www.shinnai.net/exploits/abFwcLOuFqmD20yqhYpQ.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"URL Repurposed"
],
"url": "http://www.shinnai.net/index.php?mod=02_Forum\u0026group=02_Bugs_and_Exploits\u0026argument=01_Remote\u0026topic=1254924405.ff.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"URL Repurposed"
],
"url": "http://www.shinnai.net/xplits/TXT_JtYUv6C6j5b6Bw6iIkF4.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"URL Repurposed"
],
"url": "http://www.shinnai.net/exploits/abFwcLOuFqmD20yqhYpQ.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"URL Repurposed"
],
"url": "http://www.shinnai.net/index.php?mod=02_Forum\u0026group=02_Bugs_and_Exploits\u0026argument=01_Remote\u0026topic=1254924405.ff.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"URL Repurposed"
],
"url": "http://www.shinnai.net/xplits/TXT_JtYUv6C6j5b6Bw6iIkF4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-21 21:17
Modified
2024-11-21 00:38
Severity ?
Summary
Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | * | |
| vmware | player | * | |
| vmware | workstation | * | |
| vmware | workstation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAB76F0-194A-49C2-9B11-40626D5FE144",
"versionEndExcluding": "1.0.5",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35A00737-2932-4877-8E02-1F9534C6FBAE",
"versionEndExcluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27920879-1408-4514-BA3F-B31DD69FACA2",
"versionEndExcluding": "5.5.5",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACA1016-EAC5-4210-ABDC-C2499F2841EA",
"versionEndExcluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el VMware Player 1.0.x anterior a la 1.0.5 y la 2.0 anterior a la 2.0.1;y el Workstation 5.x anterior a la 5.5.5 y la 6.x anterior a la 6.0.1, evitando su lanzamiento, lo que tiene un impacto desconocido, relacionado con las im\u00e1genes de m\u00e1quina virtual no confiables."
}
],
"id": "CVE-2007-5617",
"lastModified": "2024-11-21T00:38:19.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-21T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-12 18:30
Modified
2024-11-21 01:13
Severity ?
Summary
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| microsoft | windows | * | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| microsoft | windows | * | |
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | ace | 2.5.3 | |
| microsoft | windows | * | |
| vmware | server | 2.0.0 | |
| vmware | server | 2.0.1 | |
| vmware | server | 2.0.2 | |
| microsoft | windows | * | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | fusion | 3.0 | |
| microsoft | windows | * | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| microsoft | windows | * | |
| vmware | esx | 2.5.5 | |
| vmware | esx | 3.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCA2A03-0A31-4290-987A-BE715758BA95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26B7268F-A170-4366-9196-E73A956883DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B037838B-072E-4676-9E5D-86F5BC207512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk."
},
{
"lang": "es",
"value": "VMware Tools en VMware Workstation v6.5.x anterior v6.5.4 build 246459; VMware Player v2.5.x anterior v2.5.4 build 246459; VMware ACE v2.5.x anterior v2.5.4 build 246459; VMware Server v2.x anterior v2.0.2 build 203138; VMware Fusion v2.x anterior v2.0.6 build 246742; VMware ESXi v3.5 y v4.0; y VMware ESX v2.5.5, v3.0.3, v3.5, y v4.0 no cargan adecuadamente los programas VMware, lo que puede permitir a usuarios de petici\u00f3n de sistemas operativos Windows obtener privilegios estableciendo un troyano en una direcci\u00f3n no especificada en el disco de petici\u00f3n OS."
}
],
"id": "CVE-2010-1142",
"lastModified": "2024-11-21T01:13:44.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T18:30:00.710",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39198"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39394"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-04-12-2-PUB.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39394"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-06 15:30
Modified
2024-11-21 01:01
Severity ?
Summary
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en VNnc Codec en VMware Workstation 6.5.x versiones anteriores a v6.5.2 build 156735, VMware Player 2.5.x versiones anteriores a v2.5.2 build 156735, VMware ACE 2.5.x versiones anteriores a v2.5.2 build 156735, y VMware Server 2.0.x versiones anteriores a v2.0.1 build 156745 permite ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un p\u00e1gina web manipulada o fichero de video, tambi\u00e9n conocido como ZDI-CVE-436."
}
],
"id": "CVE-2009-0910",
"lastModified": "2024-11-21T01:01:12.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-06T15:30:04.390",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021974"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5786"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-14 12:30
Modified
2024-11-21 01:41
Severity ?
Summary
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ovf_tool | 2.1 | |
| microsoft | windows | * | |
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | workstation | 8.0.4 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.0.18997 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
| vmware | player | 4.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ovf_tool:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C11FA19-ABFD-4018-8356-F944EF4047F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4944D9B1-A48B-4F32-951E-BEC3FEAC45FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "81AFBBE6-0B3B-44DB-BBEB-08C8B2C39038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FD2D7-9928-437B-8988-4FC955DE4F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2932689-76D4-4907-9CF9-AD8F6B801579",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en VMware OVF Tool v2.1 en Windows, tal y como se utiliza en VMware Workstation v8x antes de v8.0.5, v4.x VMware Player antes de v4.0.5, y otros productos, permite ejecutar c\u00f3digo de su elecci\u00f3n a atacantes remotos asistidos por un usuario local a trav\u00e9s de un archivo OVF debidamente modificado.\r\n"
}
],
"id": "CVE-2012-3569",
"lastModified": "2024-11-21T01:41:09.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-11-14T12:30:59.257",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/87117"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/51240"
},
{
"source": "cve@mitre.org",
"url": "http://technet.microsoft.com/en-us/security/msvr/msvr13-002"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/87117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://technet.microsoft.com/en-us/security/msvr/msvr13-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79922"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-13 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 6.0.5 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.0.1 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | workstation | 10.0.5 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 | |
| vmware | horizon_client | 3.2.0 | |
| vmware | horizon_client | 3.3 | |
| vmware | horizon_view_client | 5.4 | |
| vmware | horizon_view_client | 5.4.1 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "85A09E65-9C4C-42FD-A1B0-E925A905875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF002E-10E1-4405-8C55-BD91AD45B891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71B0563B-F300-448D-8450-9B7B862F4560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BA06B-60FB-456B-A4BF-401F82E88BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F0EB9C-6734-4A8E-84FA-E618B2FC5942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E82AFF09-F9F6-486B-9299-3852EBD9B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9391EA21-2A10-445A-B88A-103025C9A343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors."
},
{
"lang": "es",
"value": "TPInt.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado ejecutar c\u00f3digo arbitrario en el sistema operativo anfitri\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-2337",
"lastModified": "2024-11-21T02:27:14.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-13T14:59:00.997",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75095"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-13 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 6.0.5 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.0.1 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | workstation | 10.0.5 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 | |
| vmware | horizon_client | 3.2.0 | |
| vmware | horizon_client | 3.3 | |
| vmware | horizon_view_client | 5.4 | |
| vmware | horizon_view_client | 5.4.1 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "85A09E65-9C4C-42FD-A1B0-E925A905875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF002E-10E1-4405-8C55-BD91AD45B891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71B0563B-F300-448D-8450-9B7B862F4560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BA06B-60FB-456B-A4BF-401F82E88BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F0EB9C-6734-4A8E-84FA-E618B2FC5942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E82AFF09-F9F6-486B-9299-3852EBD9B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9391EA21-2A10-445A-B88A-103025C9A343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897."
},
{
"lang": "es",
"value": "TPView.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado ejecutar c\u00f3digo arbitrario sobre el sistema operativo anfitri\u00f3n a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2012-0897."
}
],
"id": "CVE-2015-2336",
"lastModified": "2024-11-21T02:27:14.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-13T14:59:00.077",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75095"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2024-11-21 00:35
Severity ?
Summary
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | * | |
| vmware | ace | * | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A98FBF6-45D0-48BC-8E24-8C7F136F53AB",
"versionEndIncluding": "1.0.3",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC4028C2-4A8A-41E3-9B58-5E48CEFC7F99",
"versionEndIncluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF86A1B-FC17-4CB4-9F3C-726491C117BB",
"versionEndIncluding": "1.0.5",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA625B0B-2837-4B5A-9B36-FC77CF0748AC",
"versionEndIncluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "574C5392-7607-4F34-A661-CF618AA52BC4",
"versionEndIncluding": "1.0.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7F4F51-A9B8-4CA9-AE2C-458E61DB9D47",
"versionEndIncluding": "5.5.5",
"versionStartIncluding": "5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40975D44-E804-4A1C-9577-18D7DE1051E5",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en EMC VMware Workstation anterior a 5.5.5 construcci\u00f3n 56455 and 6.x anterior a 6.0.1 construcci\u00f3n 55017, Player anterior a 1.0.5 construcci\u00f3n 56455 and Player 2 anterior a 2.0.1 construcci\u00f3n 55017, ACE anterior a 1.0.3 construcci\u00f3n 54075 and ACE 2 anterior a 2.0.1 construcci\u00f3n 55017, and Server anterior a 1.0.4 construcci\u00f3n 56528 permite a usuarios validados con privilegios de administrador sobre un sistema operativo invitado corromper su memoria y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n sobre el sistema operativo alojador a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-4496",
"lastModified": "2024-11-21T00:35:44.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.5,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25728"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018718"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-26 00:44
Modified
2024-11-21 00:43
Severity ?
Summary
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0 | |
| vmware | ace | 1.0.2 | |
| vmware | ace | 2.0 | |
| vmware | ace | 2.0.1 | |
| vmware | ace | 2.0.2 | |
| vmware | player | 1.0.4 | |
| vmware | vmware_player | 1.0.1_build_19317 | |
| vmware | vmware_player | 1.0.2 | |
| vmware | vmware_player | 1.0.3 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | vmware_workstation | 6.0.2 | |
| vmware | workstation | 4.5.2 | |
| vmware | workstation | 5.5.3_build_34685 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D22E40D-C362-49FD-924C-262A64555934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A48CEB4-5864-4A0F-B14C-CFE4699C3311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1_build_19317:*:*:*:*:*:*:*",
"matchCriteriaId": "7764D48A-2D43-413F-9214-AE754DDCF68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
"matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la caracter\u00edstica de Archivos Compartidos de VMWare ACE 1.0.2 y 2.0.2, Player 1.0.4 y 2.0.2, y Workstation 5.5.4 y 6.0.2 permite a usuarios de SO invitados leer y escribir archivos de su elecci\u00f3n en el SO anfitri\u00f3n a trav\u00e9s de una cadena multibyte que produce una cadena de caracteres ancha que contiene secuencias de .. (punto punto), lo que evita el mecanismo de protecci\u00f3n, como se demostr\u00f3 usando una cadena \"%c0%2e%c0%2e\"."
}
],
"id": "CVE-2008-0923",
"lastModified": "2024-11-21T00:43:14.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-26T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29117"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3700"
},
{
"source": "cve@mitre.org",
"url": "http://www.coresecurity.com/?action=item\u0026id=2129"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27944"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019493"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0679"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.coresecurity.com/?action=item\u0026id=2129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-13 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 6.0.5 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.0.1 | |
| vmware | fusion | 7.1.0 | |
| vmware | fusion | 7.1.1 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "85A09E65-9C4C-42FD-A1B0-E925A905875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF002E-10E1-4405-8C55-BD91AD45B891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "665657BA-143E-4873-9FFC-B984445D7266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9E4C16-838C-4302-A4E7-A79878070519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.6, and VMware Fusion 6.x before 6.0.6 and 7.x before 7.0.1 allow attackers to cause a denial of service against a 32-bit guest OS or 64-bit host OS via a crafted RPC command."
},
{
"lang": "es",
"value": "VMware Workstation 10.x anterior a 10.0.5, VMware Player 6.x anterior a 6.0.6, y VMware Fusion 6.x anterior a 6.0.6 y 7.x anterior a 7.0.1 permiten a atacantes causar una denegaci\u00f3n de servicio sobre un sistema operativo invitado de 32 bits o sobre un sistema operativo anfitri\u00f3n de 64 bits a trav\u00e9s de un comando RPC manipulado."
}
],
"id": "CVE-2015-2341",
"lastModified": "2024-11-21T02:27:15.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-13T14:59:04.637",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-06 19:54
Modified
2024-11-21 00:51
Severity ?
Summary
The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F29FCDD4-79B7-4047-997D-0AB10226072D",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC7AFE3-A672-43B2-A77A-8C240198029B",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C75330AD-47BB-408C-A407-3685891A98BF",
"versionEndIncluding": "3.5",
"versionStartIncluding": "2.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address."
},
{
"lang": "es",
"value": "La emulaci\u00f3n de hardware de CPU para sistemas operativos invitados de 64 bits en VMware Workstation versi\u00f3n 6.0.x anterior a 6.0.5 build 109488 y versi\u00f3n 5.x anterior a 5.5.8 build 108000; Player versi\u00f3n 2.0.x anterior a 2.0.5 build 109488 y versi\u00f3n 1.x anterior a 1.0.8; Server versi\u00f3n 1.x anterior a 1.0.7 build 108231; y ESX versi\u00f3n 2.5.4 anterior a 3.5, permite a los usuarios del sistema operativo invitado autenticado conseguir privilegios adicionales del sistema operativo invitado mediante la activaci\u00f3n de una excepci\u00f3n que hace que la CPU virtual realice un salto indirecto a una direcci\u00f3n no can\u00f3nica."
}
],
"id": "CVE-2008-4279",
"lastModified": "2024-11-21T00:51:18.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-06T19:54:36.513",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32157"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32179"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32180"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31569"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020991"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45668"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/064860.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122331139823057\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/497041/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5929"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-24 01:55
Modified
2024-11-21 01:50
Severity ?
Summary
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | workstation | 8.0.4 | |
| vmware | workstation | 8.0.5 | |
| vmware | workstation | 8.0.6 | |
| vmware | workstation | 9.0 | |
| vmware | workstation | 9.0.1 | |
| vmware | workstation | 9.0.2 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.0.18997 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
| vmware | player | 4.0.4 | |
| vmware | player | 4.0.5 | |
| vmware | player | 4.0.6 | |
| vmware | player | 5.0 | |
| vmware | player | 5.0.1 | |
| vmware | player | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4944D9B1-A48B-4F32-951E-BEC3FEAC45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E57BCAA-86E0-4AE1-B30E-1F928CE9E289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "29CBDF44-B9F6-402D-A34C-7B5B16367F8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B439F706-27F8-4238-9396-B460EB78B6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B87CF2A3-422B-4B5C-9E90-382FF6373F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF4A5B6-C3E5-47B4-BC9E-14F544E3393E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "81AFBBE6-0B3B-44DB-BBEB-08C8B2C39038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FD2D7-9928-437B-8988-4FC955DE4F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2932689-76D4-4907-9CF9-AD8F6B801579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE4D64-35A5-46B5-907B-C4ADA14E1288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4504C4BD-ED32-445C-9957-2BC3ABB29EDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "364FBB12-E292-47BB-8D26-CED34232A135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEBF8C7B-7034-47B4-B84A-6987EB7B4DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "277B926D-C575-4526-9F0C-A1D6EAF2AA2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function."
},
{
"lang": "es",
"value": "vmware-mount en VMware Workstation v8.x y v9.x y VMware Player v4.x y v5.x, en sistemas basados en Debian GNU/Linux, permite a los usuarios del sistema operativo de host para obtener privilegios del sistema operativo de host manipulando la ruta del directorio del ejecutable lsb_release, relacionado con el uso de la librer\u00eda de funciones popen."
}
],
"evaluatorComment": "Per: http://www.vmware.com/security/advisories/VMSA-2013-0010.html\n\n\"The issue is present when Workstation or Player are installed on a Debian-based version of Linux.\"",
"id": "CVE-2013-1662",
"lastModified": "2024-11-21T01:50:06.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-24T01:55:04.017",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.cmpxchg8b.com/2013/08/security-debianisms.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.cmpxchg8b.com/2013/08/security-debianisms.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2013-0010.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-06 21:05
Modified
2024-11-21 01:20
Severity ?
Summary
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| linux | linux_kernel | - | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| linux | linux_kernel | - | |
| vmware | server | 2.0.2 | |
| linux | linux_kernel | - | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| apple | mac_os_x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files."
},
{
"lang": "es",
"value": "vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build 301548 en Linux, VMware Server 2.0.2 en Linux, y VMware Fusion 3.1.x anteriores a la 3.1.2 build 332101 no carga apropiadamente las librer\u00edas, lo que permite a los usuarios del SO base escalar privilegios a trav\u00e9s de vectores que involucran ficheros objeto compartidos."
}
],
"id": "CVE-2010-4296",
"lastModified": "2024-11-21T01:20:37.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-06T21:05:49.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/69584"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42453"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/45168"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024820"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/69584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/45168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-05 20:32
Modified
2024-11-21 00:43
Severity ?
Summary
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esx_server | 2.5.5 | |
| vmware | esx_server | 3.1 | |
| vmware | esx_server | 3.2 | |
| vmware | esx_server | 3.3 | |
| vmware | esx_server | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | player | 1.0.0 | |
| vmware | player | 1.0.1 | |
| vmware | player | 1.0.2 | |
| vmware | player | 1.0.3 | |
| vmware | player | 1.0.4 | |
| vmware | player | 1.0.5 | |
| vmware | player | 1.0.6 | |
| vmware | player | 2.0 | |
| vmware | player | 2.0.1 | |
| vmware | player | 2.0.2 | |
| vmware | player | 2.0.3 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_server | 1.0.0 | |
| vmware | vmware_server | 1.0.1 | |
| vmware | vmware_server | 1.0.2 | |
| vmware | vmware_server | 1.0.4 | |
| vmware | vmware_server | 1.0.5 | |
| vmware | vmware_workstation | 5.5.0 | |
| vmware | vmware_workstation | 5.5.2 | |
| vmware | vmware_workstation | 5.5.5 | |
| vmware | vmware_workstation | 5.5.6 | |
| vmware | vmware_workstation | 6.0.1 | |
| vmware | vmware_workstation | 6.0.2 | |
| vmware | vmware_workstation | 6.0.3 | |
| vmware | workstation | 5.5.1 | |
| vmware | workstation | 5.5.3 | |
| vmware | workstation | 5.5.4 | |
| vmware | workstation | 6.0 | |
| vmware | esx | 3.0.0 | |
| vmware | esx | 3.0.1 | |
| vmware | esx | 3.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADCA876-2B69-4267-8467-E7E470428D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4346ED-5837-4784-8D87-6C148BA4AAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15063D48-B55F-41C4-8AE3-CB96F1F1BB86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D40A48BB-A2E5-4D27-8E11-DE9D1CF08FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16EFF4E2-CA32-4FA4-AC4B-82D8C50769D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAC68CA-DCA3-4399-807D-E7AC67C9C3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA35C066-90A9-4DE2-A97A-38A6CFC59A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3F9D4D-2116-49A7-9292-AF6B4456E175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6F9A4A-41B0-48D9-B60C-EBF4EF899953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6B32C157-020F-400B-970C-B93CF573EB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02EBBFDD-AC46-481A-8DA7-64619B447637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7ECF1C-285C-4AA3-8B66-28EDAB0763E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en vmware-authd en VMware Workstation versi\u00f3n 5.x anterior a 5.5.7 build 91707 y versi\u00f3n 6.x anterior a 6.0.4 build 93057, VMware Player versi\u00f3n 1.x anterior a 1.0.7 build 91707 y versi\u00f3n 2.x anterior a 2.0.4 build 93057, y VMware Server anterior a 1.0.6 build 91891 en Linux, y VMware ESXi versi\u00f3n 3.5 y VMware ESX versi\u00f3n 2.5.4 hasta 3.5, permite a los usuarios locales obtener privilegios por medio de una opci\u00f3n de path library en un archivo de configuraci\u00f3n."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \r\n\u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2008-0967",
"lastModified": "2024-11-21T00:43:20.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-05T20:32:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30556"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3922"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020198"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29557"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3695.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, and CVE-2008-3695."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, and VMware Server versiones anteriores a1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, y CVE-2008-3695."
}
],
"id": "CVE-2008-3696",
"lastModified": "2024-11-21T00:49:53.857",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-31 11:17
Modified
2024-11-21 02:08
Severity ?
Summary
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*",
"matchCriteriaId": "9A405802-D786-46F9-9E29-C727F9FD480A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "469D98A5-7B8B-41BE-94C6-D6EF25388007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors."
},
{
"lang": "es",
"value": "VMware Tools en VMware Workstation 10.x anterior a 10.0.2, VMware Player 6.x anterior a 6.0.2, VMware Fusion 6.x anterior a 6.0.3 y VMware ESXi 5.0 hasta 5.5, cuando un sistema operativo invitado de Windows 8.1 est\u00e1 utilizado, permite a usuarios del sistema operativo invitado ganar privilegios del sistema operativo invitado o causar una denegaci\u00f3n de servicio (referencia a puntero nulo de kernel y ca\u00edda del sistema operativo invitado) a trav\u00e9s de vectores no especificados."
}
],
"evaluatorComment": "Per http://cwe.mitre.org/data/definitions/476.html\n\"CWE-476: NULL Pointer Dereference\"",
"id": "CVE-2014-3793",
"lastModified": "2024-11-21T02:08:51.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-31T11:17:13.560",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/58894"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030310"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030311"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/532236/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0005.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-06 15:30
Modified
2024-11-21 01:01
Severity ?
Summary
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en VNnc Codec en VMware Workstation v6.5.x anteriores a v6.5.2 build 156735, VMware Player v2.5.x anteriores a v2.5.2 build 156735, VMware ACE v2.5.x anteriores a v2.5.2 build 156735, y VMware Server v2.0.x anteriores a v2.0.1 build 156745 permite a los atacantes remotos ejecutar arbitrariamente c\u00f3digo a trav\u00e9s de p\u00e1ginas web manipuladas o archivos de v\u00eddeo, tambi\u00e9n conocida como ZDI-CVE-435."
}
],
"id": "CVE-2009-0909",
"lastModified": "2024-11-21T01:01:12.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-06T15:30:04.377",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021974"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6251"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2024-11-21 00:44
Severity ?
Summary
The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9191386-10C0-48A2-B70C-6A047347B5A1",
"versionEndIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "389DA24B-6865-428D-8630-837A0D589891",
"versionEndIncluding": "2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto de VMware Workstation 6.0.2, VMware Player versiones 2.0.x anteriores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite el acceso a la consola del sistema operativo cliente mediante llamadas an\u00f3nimas a la interfaz de programaci\u00f3n de aplicaciones VIX, teniendo un impacto y vectores de ataque desconocidos."
}
],
"id": "CVE-2008-1392",
"lastModified": "2024-11-21T00:44:26.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41551"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-09 02:59
Modified
2024-11-21 02:35
Severity ?
Summary
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | player | 7.1.1 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 | |
| vmware | workstation | 11.1.1 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.1 | |
| vmware | esxi | 5.1 | |
| vmware | esxi | 5.5 | |
| vmware | esxi | 6.0 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.1 | |
| vmware | fusion | 7.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78016ED4-AEA7-4E54-8986-E997000CD646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E33E15C-62ED-4E24-AB00-0632C8A90C6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*",
"matchCriteriaId": "9A405802-D786-46F9-9E29-C727F9FD480A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "469D98A5-7B8B-41BE-94C6-D6EF25388007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77ADEA-F0B8-4E5D-B965-39397F823075",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D5FE8B-7826-4690-952A-1FD98B7B9275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9E4C16-838C-4302-A4E7-A79878070519",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors."
},
{
"lang": "es",
"value": "La implementaci\u00f3n VMware Tools HGFS (tambi\u00e9n conocida como Shared Folders) en VMware Workstation 11.x en versiones anteriores a 11.1.2, VMware Player 7.x en versiones anteriores a 7.1.2, VMware Fusion 7.x en versiones anteriores a 7.1.2 y VMware ESXi 5.0 hasta la versi\u00f3n 6.0 permite a usuarios de SO invitado de Windows obtener privilegios de SO invitado o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria del kernel del SO invitado) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-6933",
"lastModified": "2024-11-21T02:35:54.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-09T02:59:00.127",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034603"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034604"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0001.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-05 20:32
Modified
2024-11-21 00:38
Severity ?
Summary
HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0.0 | |
| vmware | ace | 1.0.1 | |
| vmware | ace | 1.0.2 | |
| vmware | ace | 1.0.3 | |
| vmware | ace | 1.0.4 | |
| vmware | esx_server | 2.5.5 | |
| vmware | player | 1.0.4 | |
| vmware | server | 1.0.3 | |
| vmware | vmware_player | 1.0.0 | |
| vmware | vmware_player | 1.0.1 | |
| vmware | vmware_player | 1.0.2 | |
| vmware | vmware_player | 1.0.3 | |
| vmware | vmware_player | 1.0.5 | |
| vmware | vmware_server | 1.0.0 | |
| vmware | vmware_server | 1.0.1 | |
| vmware | vmware_server | 1.0.2 | |
| vmware | vmware_server | 1.0.4 | |
| vmware | vmware_workstation | 5.5.0 | |
| vmware | vmware_workstation | 5.5.2 | |
| vmware | vmware_workstation | 5.5.5 | |
| vmware | workstation | 5.5.1 | |
| vmware | workstation | 5.5.3 | |
| vmware | workstation | 5.5.4 | |
| vmware | esx | 2.5.4 | |
| vmware | esx | 3.0.0 | |
| vmware | esx | 3.0.1 | |
| vmware | esx | 3.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8ADCA876-2B69-4267-8467-E7E470428D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3771AFCF-E247-427A-8076-9E36EA457658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17C124AC-C421-459E-8251-E7B3BD33874B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9565E5-042E-4C62-A7C7-54808B15F0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8230EFE6-8AB6-41DF-9A46-CAE4E5BB7F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B2C792F-48DA-46B5-B42E-9A045B393531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BA6DF4-4D53-482A-8820-B9B0E6EBD51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7ECF1C-285C-4AA3-8B66-28EDAB0763E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\\\.\\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges."
},
{
"lang": "es",
"value": "HGFS.sys en el VMware Tools package en VMware Workstation 5.x anterior a 5.5.6 build 80404, VMware Player anterior a 1.0.6 build 80404, VMware ACE anterior a 1.0.5 build 79846, VMware Server anterior a 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2, no valida correctamente argumentos en el modo de usuario METHOD_NEITHER IOCTLs hacia \\\\.\\hgfs, lo que permite al sistema operativo huesped, modificar ubicaciones de memoria de su elecci\u00f3n en el n\u00facleo de la memoria del sistema huesped y as\u00ed obtener privilegios."
}
],
"id": "CVE-2007-5671",
"lastModified": "2024-11-21T00:38:25.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-05T20:32:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30556"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3922"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020197"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493148/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493172/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5688"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-17 21:55
Modified
2024-11-21 01:37
Severity ?
Summary
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.1 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | fusion | 4.0 | |
| vmware | fusion | 4.0.1 | |
| vmware | fusion | 4.0.2 | |
| vmware | fusion | 4.1 | |
| vmware | fusion | 4.1.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60234129-7F7F-49FA-A425-CDAB4D09AB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB73EC4-F3CE-428B-BA40-47FB21181543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "927863C2-5A61-4137-83AC-6CF3F2958941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4870DAA2-6670-47EF-BF74-6E39B92E75DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*",
"matchCriteriaId": "58ED8AB4-0FDF-4752-B44E-56F58593CE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "37A5D726-3D38-44D5-B509-1B8B003903A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "A4DA3B20-A743-4F37-A095-65161FFBEB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "FF7C3C65-BE63-407E-9CFD-E571025C3E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors."
},
{
"lang": "es",
"value": "VMware Workstation versiones 8.x anteriores a 8.0.2, VMware Player versiones 4.x anteriores a 4.0.2, VMware Fusion versiones 4.x anteriores a 4.1.2, VMware ESXi versiones 3.5 hasta 5.0, y VMware ESX versiones 3.5 hasta 4.1 utilizan una ACL incorrecta para la carpeta VMware Tools, que permite a los usuarios del Sistema Operativo invitado alcanzar privilegios de SO invitado por medio de vectores no especificados."
}
],
"id": "CVE-2012-1518",
"lastModified": "2024-11-21T01:37:08.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-17T21:55:01.307",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/81163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48782"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53006"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026922"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026923"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0007.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16745"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-17 21:55
Modified
2024-11-21 02:03
Severity ?
Summary
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.1 | |
| vmware | fusion | 5.0 | |
| vmware | player | 5.0 | |
| vmware | workstation | 9.0 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EEF165A-4E09-4FF0-A577-FF429BCCF588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "364FBB12-E292-47BB-8D26-CED34232A135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B439F706-27F8-4238-9396-B460EB78B6DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port."
},
{
"lang": "es",
"value": "VMware Workstation 9.x anteriores a 9.0.1, WMware Player 5.x anteriores a 5.0.1, VMware Fusion 5.x anteriores a 5.0.1, VMware ESXi 4.0 hasta 5.1, y WMware ESX 4.0 y 4.1 permite a usuarios invitado del sistema causar una denegaci\u00f3n de servicio (ruptura de proceso VMX) utilizando un puerto inv\u00e1lido."
}
],
"id": "CVE-2014-1208",
"lastModified": "2024-11-21T02:03:51.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-17T21:55:19.690",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/102197"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/56499"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/64994"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1029643"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1029644"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0001.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90558"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-13 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | 3.2.0 | |
| vmware | horizon_client | 3.3 | |
| vmware | horizon_view_client | 5.4 | |
| vmware | horizon_view_client | 5.4.1 | |
| microsoft | windows | * | |
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 6.0.5 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.0.1 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | workstation | 10.0.5 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BA06B-60FB-456B-A4BF-401F82E88BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F0EB9C-6734-4A8E-84FA-E618B2FC5942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E82AFF09-F9F6-486B-9299-3852EBD9B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9391EA21-2A10-445A-B88A-103025C9A343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "85A09E65-9C4C-42FD-A1B0-E925A905875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF002E-10E1-4405-8C55-BD91AD45B891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71B0563B-F300-448D-8450-9B7B862F4560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339."
},
{
"lang": "es",
"value": "TPview.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado causar una denegaci\u00f3n de servicio del sistema operativo anfitri\u00f3n a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2015-2339."
}
],
"id": "CVE-2015-2338",
"lastModified": "2024-11-21T02:27:14.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-13T14:59:01.887",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-29 18:59
Modified
2024-11-21 02:18
Severity ?
Summary
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.0 | |
| vmware | esxi | 5.1 | |
| vmware | esxi | 5.1 | |
| vmware | esxi | 5.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*",
"matchCriteriaId": "7C5A1C2B-119E-49F3-B8E6-0610EE1C445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF29B5A4-6E4C-4EAE-BC6A-0DD44262EE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7217CBE1-3882-4045-A15C-EE7D4174CA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.1:1:*:*:*:*:*:*",
"matchCriteriaId": "9A405802-D786-46F9-9E29-C727F9FD480A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "469D98A5-7B8B-41BE-94C6-D6EF25388007",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file."
},
{
"lang": "es",
"value": "VMware Workstation 10.x anterior a 10.0.5, VMware Player 6.x anterior a 6.0.5, VMware Fusion 6.x anterior a 6.0.5, y VMware ESXi 5.0 hasta 5.5 permiten a usuarios del sistema operativo anfitri\u00f3n ganar privilegios del sistema operativo anfitri\u00f3n o causar una denegaci\u00f3n de servicio (escritura arbitraria a un fichero) mediante la modificaci\u00f3n de un fichero de configuraci\u00f3n."
}
],
"id": "CVE-2014-8370",
"lastModified": "2024-11-21T02:18:58.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-29T18:59:00.047",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvn.jp/en/jp/JVN88252465/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62551"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62605"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/62669"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72338"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031642"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031643"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvn.jp/en/jp/JVN88252465/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1031643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100933"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-13 14:59
Modified
2024-11-21 02:27
Severity ?
Summary
TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | horizon_client | 3.2.0 | |
| vmware | horizon_client | 3.3 | |
| vmware | horizon_view_client | 5.4 | |
| vmware | horizon_view_client | 5.4.1 | |
| microsoft | windows | * | |
| vmware | fusion | 6.0 | |
| vmware | fusion | 6.0.1 | |
| vmware | fusion | 6.0.2 | |
| vmware | fusion | 6.0.3 | |
| vmware | fusion | 6.0.4 | |
| vmware | fusion | 6.0.5 | |
| vmware | fusion | 7.0 | |
| vmware | fusion | 7.0.1 | |
| vmware | player | 6.0 | |
| vmware | player | 6.0.1 | |
| vmware | player | 6.0.2 | |
| vmware | player | 6.0.3 | |
| vmware | player | 6.0.4 | |
| vmware | player | 6.0.5 | |
| vmware | player | 7.0 | |
| vmware | player | 7.1 | |
| vmware | workstation | 10.0 | |
| vmware | workstation | 10.0.1 | |
| vmware | workstation | 10.0.2 | |
| vmware | workstation | 10.0.3 | |
| vmware | workstation | 10.0.4 | |
| vmware | workstation | 10.0.5 | |
| vmware | workstation | 11.0 | |
| vmware | workstation | 11.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7BA06B-60FB-456B-A4BF-401F82E88BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_client:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F0EB9C-6734-4A8E-84FA-E618B2FC5942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E82AFF09-F9F6-486B-9299-3852EBD9B333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view_client:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9391EA21-2A10-445A-B88A-103025C9A343",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BF84FD-2666-48F4-AEA6-4F2B30AF95BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184E7883-BBAD-4687-881A-69F0A5341ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2CFDBFB-3776-4615-AF3B-FCBD6840A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DA730B34-3F72-451D-9960-DF44821A001C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67198AB1-95B1-4ECC-A4CE-E2EAE688E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "85A09E65-9C4C-42FD-A1B0-E925A905875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92275180-52FC-48DE-947C-3AE1B87AF2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EF002E-10E1-4405-8C55-BD91AD45B891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBDD49B-0083-4743-B4F8-6214FE8F4822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBFD3AF-D8A3-4599-AF42-B47C0A62AA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82AE914B-8688-4274-9D40-C3A166F112AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043541FC-C4F9-4E71-8373-E9022DCC62DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "200179EA-B682-435D-948C-5B70B686D1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5D0FC7-8389-4B1D-BDBD-3017E5740F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93872771-BD86-4707-926B-F6C3577C33A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D8903-B853-43A2-88C3-D79BBA70F8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0119B9-916C-4A98-8542-10FFC4F71C80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA413B-AB24-4884-A052-2A30A0CA4E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B2275C-913F-43D9-8146-0B0CD737E485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "01512B1C-ABCF-4705-91E8-F51FE6397343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A74B9F8A-E336-4421-ADA8-D2640DD7E67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71B0563B-F300-448D-8450-9B7B862F4560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "492D7AD2-D660-48F5-A9BE-28CCA6A6B658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "90F0250C-EE18-486B-90D7-348FEF01C2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors."
},
{
"lang": "es",
"value": "TPInt.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Client 3.2.x anterior a 3.2.1, 3.3.x, y 5.x local-mode anterior a 5.4.2 en Windows no reserva correctamente memoria, lo que permite a usuarios del sistema operativo invitado causar una denegaci\u00f3n de servicio del sistema operativo anfitri\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-2340",
"lastModified": "2024-11-21T02:27:15.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-13T14:59:03.763",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0004.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-06 21:05
Modified
2024-11-21 01:20
Severity ?
Summary
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a "command injection" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 | |
| vmware | workstation | 6.5.3 | |
| vmware | workstation | 6.5.5 | |
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | player | 2.5.3 | |
| vmware | player | 2.5.4 | |
| vmware | player | 2.5.5 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | fusion | 2.0.6 | |
| vmware | fusion | 2.0.7 | |
| vmware | fusion | 2.0.8 | |
| vmware | fusion | 3.1 | |
| vmware | fusion | 3.1.1 | |
| vmware | fusion | 3.1.2 | |
| vmware | server | 2.0.2 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B53C0A-5A0C-4168-8AD3-F3E957AE8919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A172221-19AB-4F7D-AA28-94AD5A6EFBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "949C3917-4D7E-4B51-A872-BFBECB4D2CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "656039E8-8082-4208-B046-518D95769B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "80003D5E-B63F-4635-94ED-706375A4F86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C47EB8-8844-4D49-9246-008F7AE45C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8C27806A-7AC9-4B7A-97EA-602FDB1C96CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "90CA88D9-52D8-4365-9DEB-7FB36A6A86A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "051D820C-E5F4-4DA2-8914-5A33FCFF2D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69FFA61C-2258-4006-AECA-D324F5700990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50D2840A-5AF2-4AC4-9243-07CE93E9E9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E565F23-AEEE-41A4-80EC-01961AD5560E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C9E205-87EE-4CE2-A252-DED7BB6D4EAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3C6FC4-DAE3-42DB-B845-593BBD2A50BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a \"command injection\" issue."
},
{
"lang": "es",
"value": "La funcionalidad actualizar de VMware Tools en VMware Workstation 6.5.x anteriores a la 6.5.5 build 328052 y 7.x anteriores a la 7.1.2 build 301548; VMware Player 2.5.x anteriores a la 2.5.5 build 328052 y 3.1.x anteriores a la 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x anteriores a la 2.0.8 build 328035 y 3.1.x anteriores a la 3.1.2 build 332101; VMware ESXi 3.5, 4.0, y 4.1; y VMware ESX 3.0.3, 3.5, 4.0, y 4.1 permite a los usuarios del SO base escalar privilegios en el SO invitado a trav\u00e9s de vectores sin especificar. Relacionado con inyecciones de comandos."
}
],
"id": "CVE-2010-4297",
"lastModified": "2024-11-21T01:20:37.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-06T21:05:49.483",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/69590"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42480"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45166"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024820"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000112.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/69590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3116"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-14 20:55
Modified
2024-11-21 01:40
Severity ?
Summary
VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | workstation | 7.1.2 | |
| vmware | workstation | 7.1.3 | |
| vmware | workstation | 7.1.4 | |
| vmware | workstation | 7.1.4.16648 | |
| vmware | workstation | 7.1.5 | |
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.2 | |
| vmware | workstation | 8.0.3 | |
| vmware | player | 3.0 | |
| vmware | player | 3.0.1 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 | |
| vmware | player | 3.1.2 | |
| vmware | player | 3.1.3 | |
| vmware | player | 3.1.4 | |
| vmware | player | 3.1.5 | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | player | 4.0.3 | |
| vmware | fusion | 4.0 | |
| vmware | fusion | 4.0.1 | |
| vmware | fusion | 4.0.2 | |
| vmware | fusion | 4.1 | |
| vmware | fusion | 4.1.1 | |
| vmware | fusion | 4.1.2 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esx | 4.1 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.0 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 4.1 | |
| vmware | esxi | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99ADA116-A571-4788-8DF2-09E8A2AF92F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2818FD22-8BC5-4803-8D62-D7C7C22556F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8C76F3-05B5-43EA-AE70-A026AC6001DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.4.16648:*:*:*:*:*:*:*",
"matchCriteriaId": "6205C8AE-63AB-4501-B311-30A9F806DC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "019FEA3B-970B-4959-A500-D9AD39C58C11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21644868-F1B0-4A8E-BE73-4F42BEB8E834",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C174C452-7249-4B26-9F26-DFE9B3476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA72ED8-3229-4220-BE75-712CA6E21062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "57E06DA2-CB18-45E6-9F88-B3B6E0507816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9D2803-D06D-4CD6-98D5-0E74CFC13B99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5FD2D7-9928-437B-8988-4FC955DE4F84",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60234129-7F7F-49FA-A425-CDAB4D09AB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB73EC4-F3CE-428B-BA40-47FB21181543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "927863C2-5A61-4137-83AC-6CF3F2958941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4870DAA2-6670-47EF-BF74-6E39B92E75DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70C64B80-4928-4ABA-AF4E-1977C252BAEE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "37A5D726-3D38-44D5-B509-1B8B003903A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "A4DA3B20-A743-4F37-A095-65161FFBEB73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "FF7C3C65-BE63-407E-9CFD-E571025C3E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*",
"matchCriteriaId": "58ED8AB4-0FDF-4752-B44E-56F58593CE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*",
"matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*",
"matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*",
"matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*",
"matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*",
"matchCriteriaId": "4DC5C2BF-6EC6-436F-A925-469E87249C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*",
"matchCriteriaId": "7BCE5DA9-BB88-4169-B77C-40B1F98D511A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2331236-2E9B-4B52-81EE-B52DEB41ACE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file."
},
{
"lang": "es",
"value": "VMware Workstation v7.x antes de v7.1.6 y v8.x antes de v8.0.4, VMware Player v3.x antes de v3.1.6 y v4.x antes de v4.0.4, VMware Fusion v4.x antes de 4.1.3, VMware ESXi v3.5 a v5.0 y VMware ESX v3.5 a v4.1 permite ejecutar c\u00f3digo de su elecci\u00f3n en el sistema operativo anfitri\u00f3n a atacantes remotos (con cierta ayuda de usuarios locales) o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria) en el sistema operativo anfitri\u00f3n a trav\u00e9s de un archivo Checkpoint modificado."
}
],
"id": "CVE-2012-3288",
"lastModified": "2024-11-21T01:40:35.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-06-14T20:55:01.420",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2012-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-21 19:17
Modified
2024-11-21 00:35
Severity ?
Summary
Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | * | |
| vmware | ace | * | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A98FBF6-45D0-48BC-8E24-8C7F136F53AB",
"versionEndIncluding": "1.0.3",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC4028C2-4A8A-41E3-9B58-5E48CEFC7F99",
"versionEndIncluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF86A1B-FC17-4CB4-9F3C-726491C117BB",
"versionEndIncluding": "1.0.5",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA625B0B-2837-4B5A-9B36-FC77CF0748AC",
"versionEndIncluding": "2.0.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "574C5392-7607-4F34-A661-CF618AA52BC4",
"versionEndIncluding": "1.0.4",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7F4F51-A9B8-4CA9-AE2C-458E61DB9D47",
"versionEndIncluding": "5.5.5",
"versionStartIncluding": "5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40975D44-E804-4A1C-9577-18D7DE1051E5",
"versionEndIncluding": "6.0.1",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en EMC VMware Workstation anterior a 5.5.5 Build 56455 y 6.x anterior a 6.0.1 Build 55017, Player anterior a 1.0.5 Build 56455 y Player 2 anterior a 2.0.1 Build 55017, ACE anterior a 1.0.3 Bui9ld 54075 y ACE 2 anterior a 2.0.1 Build 55017, y Server anterior a 1.0.4 Build 56528 permite a usuarios con acceso a un sistema operativo invitado (guest) provocar una denegaci\u00f3n de servicio (cuelgue total del sistema invitado y ca\u00edda o cuelgue del proceso anfitri\u00f3n) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-4497",
"lastModified": "2024-11-21T00:35:44.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-21T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25731"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018718"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/25731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-543-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-21 20:03
Modified
2024-11-21 00:04
Severity ?
Summary
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 1.0 | |
| vmware | gsx_server | 2.0 | |
| vmware | gsx_server | 2.0.1_build_2129 | |
| vmware | gsx_server | 2.5.1 | |
| vmware | gsx_server | 2.5.1_build_5336 | |
| vmware | gsx_server | 2.5.2 | |
| vmware | gsx_server | 3.0 | |
| vmware | gsx_server | 3.0_build_7592 | |
| vmware | gsx_server | 3.1 | |
| vmware | gsx_server | 3.2 | |
| vmware | player | 1.0.0 | |
| vmware | workstation | 3.2.1 | |
| vmware | workstation | 3.4 | |
| vmware | workstation | 4.0 | |
| vmware | workstation | 4.0.1 | |
| vmware | workstation | 4.0.2 | |
| vmware | workstation | 4.5.2 | |
| vmware | workstation | 4.5.2_build_8848 | |
| vmware | workstation | 5.0.0_build_13124 | |
| vmware | workstation | 5.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*",
"matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4088851B-C42B-4B3C-B548-68A026C2BC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1E0FF6-89A3-4530-A6B5-D9951C951209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "944FE3AE-C500-4891-BC05-3F1E3417FF68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:gsx_server:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "111932A6-B0ED-4A79-A533-AEA984DB6A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4C1A275E-2152-4A37-8CFE-34E8900E3426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2_build_8848:r4:*:*:*:*:*:*",
"matchCriteriaId": "0C605123-69F9-44AC-A17E-3C728059E628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.0.0_build_13124:*:*:*:*:*:*:*",
"matchCriteriaId": "41B54C61-FB19-4900-A635-2F6B63BEC88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands."
}
],
"id": "CVE-2005-4459",
"lastModified": "2024-11-21T00:04:18.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-21T20:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18162"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18344"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/282"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/289"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015401"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/856689"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/419997/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/420017/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15998"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/3013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/856689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/419997/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/420017/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/3013"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-11-02 15:30
Modified
2024-11-21 01:04
Severity ?
Summary
VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | 2.5.0 | |
| vmware | ace | 2.5.1 | |
| vmware | ace | 2.5.2 | |
| vmware | esx | 2.5.5 | |
| vmware | esx | 3.0.3 | |
| vmware | esx | 3.5 | |
| vmware | esx | 4.0 | |
| vmware | esxi | 3.5 | |
| vmware | esxi | 4.0 | |
| vmware | fusion | 2.0 | |
| vmware | fusion | 2.0.1 | |
| vmware | fusion | 2.0.2 | |
| vmware | fusion | 2.0.3 | |
| vmware | fusion | 2.0.4 | |
| vmware | fusion | 2.0.5 | |
| vmware | player | 2.5 | |
| vmware | player | 2.5.1 | |
| vmware | player | 2.5.2 | |
| vmware | server | 1.0 | |
| vmware | server | 1.0.1 | |
| vmware | server | 1.0.2 | |
| vmware | server | 1.0.3 | |
| vmware | server | 1.0.4 | |
| vmware | server | 1.0.5 | |
| vmware | server | 1.0.6 | |
| vmware | server | 1.0.7 | |
| vmware | server | 1.0.8 | |
| vmware | server | 1.0.9 | |
| vmware | server | 2.0 | |
| vmware | server | 2.0 | |
| vmware | server | 2.0.1 | |
| vmware | workstation | 6.5.0 | |
| vmware | workstation | 6.5.1 | |
| vmware | workstation | 6.5.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B037838B-072E-4676-9E5D-86F5BC207512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6F7416-E694-4EC9-9FE5-0C24448ECB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5ECA1B-7415-4390-8018-670F2C3CDF35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "889DE9BE-886F-4BEF-A794-5B5DE73D2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BDAA7C8-8F2F-4037-A517-2C1EDB70B203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18541B-36B6-40A7-9749-FA47A10379C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55EBD95F-3DF7-49F3-A7AA-47085E0B7C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DA47C9-3D1A-49A7-8976-AE05D6730673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "692CC131-5C6C-4AD6-B85C-07DF21168BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "617EFBFF-D047-4A0B-ACB6-83B27710F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D0DF91-17E8-45D4-B625-737FE50C23CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EC33AB-E92A-4AA8-A523-C341133BB515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53197903-0614-4460-8944-C1B5257D71A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F037B05F-6F92-4BE1-B672-F677CBEFD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BFEAE8-0118-4548-A6EA-E90FA8FE7AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "42049891-38B7-4BB7-8DA5-A87169E2D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07139DF7-C36B-4FED-8558-7FA49BE0BCFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0D7307-5946-45DC-88D3-6BC72EF50184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "89699BB6-9E41-41DC-B597-B45CA05313A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D09AC-7D9B-4150-86BC-19F44F6F2CA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C2AAA6D-A31D-43A7-AB2F-FBF9815A9745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CFDD84-A482-42C2-B43F-839F4D7F1130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register."
},
{
"lang": "es",
"value": "VMware Workstation v6.5.x anteriores a v6.5.3 build 185404, VMware Player v2.5.x anteriores a v2.5.3 build 185404, VMware ACE v2.5.x anteriores a v2.5.3 build 185404, VMware Server v1.x anteriores a v1.0.10 build 203137 and v2.x anteriores a v2.0.2 build 203138, VMware Fusion v2.x anteriores a v2.0.6 build 196839, VMware ESXi v3.5 y v4.0, y VMware ESX v2.5.5, v3.0.3, v3.5 y v4.0, cuando el modo Virtual-8086 es usado, no asigna adecuadamente el c\u00f3digo de excepci\u00f3n para una excepci\u00f3n de fallo de p\u00e1gina (tambi\u00e9n conocido como #PF), lo que permite a usuarios del SO anfitri\u00f3n obtener privilegios en el SO anfitri\u00f3n especificando un valor modificado para el registro cs."
}
],
"id": "CVE-2009-2267",
"lastModified": "2024-11-21T01:04:29.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-02T15:30:00.420",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000069.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37172"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023082"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023083"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/507523/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/507539/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/36841"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0015.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3062"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000069.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507523/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/507539/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/36841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8473"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, and CVE-2008-3696."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en un cierto control ActiveX en VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, and VMware Server versiones anteriores a 1.0.7 build 108231 tiene un impacto y vectores de ataque desconocidos, una vulnerabilidad diferente a CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3695, y CVE-2008-3696."
}
],
"id": "CVE-2008-3694",
"lastModified": "2024-11-21T00:49:53.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-08 10:28
Modified
2024-11-21 01:37
Severity ?
Summary
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | * | |
| vmware | workstation | 8.0 | |
| vmware | workstation | 8.0.0.18997 | |
| vmware | workstation | 8.0.1 | |
| vmware | workstation | 8.0.1.27038 | |
| vmware | workstation | 8.0.2 | |
| vmware | player | * | |
| vmware | player | 4.0 | |
| vmware | player | 4.0.0.18997 | |
| vmware | player | 4.0.1 | |
| vmware | player | 4.0.2 | |
| vmware | fusion | * | |
| vmware | fusion | 4.0 | |
| vmware | fusion | 4.0.1 | |
| vmware | fusion | 4.0.2 | |
| vmware | fusion | 4.1 | |
| vmware | view | * | |
| vmware | view | 4.6.0 | |
| vmware | esx | 4.1 | |
| vmware | esx | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C31BB23E-4BAF-4C07-B613-98E590695A7B",
"versionEndIncluding": "8.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE22BB0-F375-4883-BF6C-5A6369694EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "01483038-BC89-44BA-B07B-362FC5D7E8C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD913295-9302-425A-A9E1-B0DF76AD3069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.1.27038:*:*:*:*:*:*:*",
"matchCriteriaId": "B671AC17-7064-4541-ADB3-FCD72109C766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51B6CAE2-A396-40C8-8FF0-D9EC64D5C9A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18A0EAA7-72FF-4910-931B-D18C7407CF1E",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "535E3D3C-76A5-405A-8F9D-21A86ED31D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.0.18997:*:*:*:*:*:*:*",
"matchCriteriaId": "81AFBBE6-0B3B-44DB-BBEB-08C8B2C39038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09D7FB-78EE-4168-996D-FD3CF2E187BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "816F1646-A1C9-4E4A-BCE1-A34D00B51ABE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B8519FA-C221-4D6F-B418-D2FED3B9D634",
"versionEndIncluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60234129-7F7F-49FA-A425-CDAB4D09AB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB73EC4-F3CE-428B-BA40-47FB21181543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "927863C2-5A61-4137-83AC-6CF3F2958941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F74559CB-6E52-421F-88F3-739913C26C8E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:view:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D11ED8-646B-4F8E-A0E5-56C6964F9D61",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:view:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4346ED63-851E-43E9-933D-7CCAFA43B17B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E52EEFA3-BE68-4AFF-A22C-036D33306AF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de path de b\u00fasqueda no confiable en VMware Tools en VMware Workstation anteriores a v8.0.4, VMware Player anteriores a v4.0.4, VMware Fusion anteriores a v4.1.2, VMware View anteriores a v5.1, y VMware ESX v4.1 anteriores a vU3 y v5.0 anteriores a vP03, permite a usuario locales obtener privilegios a trav\u00e9s de un fichero tpfc.dll troyanizado en el directorio de trabajo actual."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\u0027CWE-426 Untrusted Search Path\u0027",
"id": "CVE-2012-1666",
"lastModified": "2024-11-21T01:37:25.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-08T10:28:20.367",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-09/0013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.vmware.com/support/vsphere4/doc/vsp_esxi41_u3_rel_notes.html#resolvedissuessecurity"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-03 14:12
Modified
2024-11-21 00:49
Severity ?
Summary
Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "799650A4-BD6F-40EF-889B-6ED50E05CCA8",
"versionEndExcluding": "1.0.7",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E196532F-3B8D-4DAB-9DBA-FE204D3A07A9",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B553A95A-C3D3-4A01-80D6-2F656BA26BF3",
"versionEndExcluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD1D7B-2D6F-4D48-8276-5C3285FF7B3E",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BF4289-F9A3-49B8-9641-9F7B0A02F3E9",
"versionEndExcluding": "1.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A47F4F7-B457-4F5B-B719-7A5741595456",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B69FA6-E75A-4EDB-BD6C-41B560AABBC0",
"versionEndExcluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, and CVE-2008-3696."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en un cierto control ActiveX de VMware Workstation 5.5.x versiones anteriores a 5.5.8 build 108000, VMware Workstation 6.0.x versiones anteriores a 6.0.5 build 109488, VMware Player 1.x versiones anteriores a 1.0.8 build 108000, VMware Player 2.x versiones anteriores a 2.0.5 build 109488, VMware ACE 1.x versiones anteriores a 1.0.7 build 108880, VMware ACE 2.x versiones anteriores a 2.0.5 build 109488, y VMware Server versiones anteriores a 1.0.7 build 108231 tiene un impacto y vectores de ataque remotos desconocidos, una vulnerabilidad diferente a CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, y CVE-2008-3696."
}
],
"id": "CVE-2008-3691",
"lastModified": "2024-11-21T00:49:53.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/4202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2466"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-28 18:00
Modified
2024-11-21 01:18
Severity ?
Summary
The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workstation | 7.0 | |
| vmware | workstation | 7.0.1 | |
| vmware | workstation | 7.1 | |
| vmware | workstation | 7.1.1 | |
| vmware | player | 3.0 | |
| vmware | player | 3.0.1 | |
| vmware | player | 3.1 | |
| vmware | player | 3.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33DBC9-3B63-457E-A353-B9E7378211AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "34F436D4-B7B7-43CB-A2BD-C5E791F7E3C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF53DB66-4C79-47BB-AABD-6DCE2EF98E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13A31E93-7671-492E-A78F-89CF4703B04D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5F747AC1-E163-41A4-BAC7-FDF46F4057D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A115959-9CDA-45ED-9002-BA1A31074E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C158CD97-41BA-4422-9A55-B1A8650A0900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "477D5F22-7DDD-461D-9CD1-2B2A968F6CB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file."
},
{
"lang": "es",
"value": "El instalador en VMware Workstation v7.x anterior v7.1.2 build 301548 y VMware Player v3.x anterior v3.1.2 build 301548 lanza un fichero index.htm si se presenta en el directorio de instalaci\u00f3n, lo que puede permitir a usuarios locales provocar una interpretaci\u00f3n no prevista de c\u00f3digo web o HTML por la creaci\u00f3n de dicho archivo. \r\n\r\n"
}
],
"id": "CVE-2010-3277",
"lastModified": "2024-11-21T01:18:25.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-09-28T18:00:03.293",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41574"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024481"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-05 20:32
Modified
2024-11-21 00:46
Severity ?
Summary
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | ace | * | |
| vmware | ace | * | |
| vmware | esx_server | 3.0 | |
| vmware | esx_server | 3.5 | |
| vmware | esxi | 3.5 | |
| vmware | fusion | * | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | server | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| vmware | esx | 2.5.4 | |
| vmware | esx | 2.5.5 | |
| vmware | esx | 3.0.0 | |
| vmware | esx | 3.0.1 | |
| vmware | esx | 3.0.2 | |
| vmware | esx | 3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C67E8ABD-4BC9-4A68-A1A8-517574B54FBB",
"versionEndIncluding": "1.0.5",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13B407FC-39E6-4504-AA38-28F45B10B462",
"versionEndIncluding": "2.0.3",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE184CF-CD55-4F32-9294-A680A4DD3870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esx_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "16EFF4E2-CA32-4FA4-AC4B-82D8C50769D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5AE1C86-62E7-470E-BB1B-1AAEE3192D91",
"versionEndIncluding": "1.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "093FA9F6-A59D-4C09-B133-002573AB05BA",
"versionEndIncluding": "1.0.6",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "318E110E-C2E3-4332-BD84-7ABBFBF2309B",
"versionEndIncluding": "2.0.3",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC0931F-7BB8-4CFD-9533-A62367661810",
"versionEndIncluding": "1.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E456E5A-C2F5-4FA1-94F0-2BBD81A766D5",
"versionEndIncluding": "5.5.6",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40ED2686-C461-4C16-A50F-D56E369879CC",
"versionEndIncluding": "6.0.3",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BA6DF4-4D53-482A-8820-B9B0E6EBD51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ECFD8D25-7FDF-48DF-8728-5875C44FFB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "974D84A6-F5AB-4F0A-B9B5-9095A0E4733C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3613B7-CA1B-4C9A-9076-A2894202DDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7ECF1C-285C-4AA3-8B66-28EDAB0763E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer en VIX API 1.1.x anteriores a 1.1.4 build 93057 en VMware Workstation 5.x y 6.x, VMware Player 1.x y 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, y VMware ESX 3.0.1 hasta la 3.5, permite a los usuarios del sistema hu\u00e9sped, ejecutar c\u00f3digo arbitrario en el sistema anfitri\u00f3n a trav\u00e9s de vectores no espec\u00edficos.\r\n"
}
],
"id": "CVE-2008-2100",
"lastModified": "2024-11-21T00:46:05.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-05T20:32:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30556"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/3922"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1020200"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/29552"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/30556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/3922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1020200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/29552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/1744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5647"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-30 18:30
Modified
2024-11-21 01:16
Severity ?
Summary
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libpng | libpng | * | |
| libpng | libpng | * | |
| apple | itunes | * | |
| apple | safari | * | |
| apple | iphone_os | * | |
| apple | tvos | * | |
| fedoraproject | fedora | 12 | |
| fedoraproject | fedora | 13 | |
| opensuse | opensuse | 11.1 | |
| opensuse | opensuse | 11.2 | |
| suse | linux_enterprise_server | 9 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| vmware | player | * | |
| vmware | player | * | |
| vmware | workstation | * | |
| vmware | workstation | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 9.04 | |
| canonical | ubuntu_linux | 9.10 | |
| canonical | ubuntu_linux | 10.04 | |
| debian | debian_linux | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7768B8-2319-4AAF-B38E-A3B21A37B0FE",
"versionEndExcluding": "1.2.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13C02A4C-7A19-4F0D-A192-C031833576D6",
"versionEndExcluding": "1.4.3",
"versionStartIncluding": "1.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE850901-4B2A-4C98-836A-40683CB02FB4",
"versionEndExcluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57A2B591-583F-4644-A900-4890FEFEE18C",
"versionEndExcluding": "5.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D97C1BD-57D8-4131-B437-6BA9F41C8F50",
"versionEndIncluding": "4.1",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "407115F2-CC65-448B-8133-D3D57AD306BA",
"versionEndExcluding": "4.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
"matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*",
"matchCriteriaId": "25CBACD3-AFB7-410D-927F-0C1FF477D396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
"matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "926563F5-E868-4E88-A1F8-B29624FB2438",
"versionEndExcluding": "2.5.5",
"versionStartIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F01F27AB-A8F6-455B-9495-821520435771",
"versionEndExcluding": "3.1.2",
"versionStartIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "894BC4D6-EBB6-4743-A860-170D7D31196A",
"versionEndExcluding": "6.5.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D23900B-C027-44C5-B912-9F7F71C7EBD1",
"versionEndExcluding": "7.1.2",
"versionStartIncluding": "7.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "C0507E91-567A-41D6-A7E5-5088A39F75FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
},
{
"lang": "es",
"value": "Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una imagen que contiene un troceado mal formado del Physical Scale (tambi\u00e9n conocido como sCAL)"
}
],
"id": "CVE-2010-2249",
"lastModified": "2024-11-21T01:16:14.217",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2010-06-30T18:30:01.847",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40302"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40336"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40472"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40547"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41574"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42314"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42317"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"source": "secalert@redhat.com",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/42317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://support.apple.com/kb/HT4566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2010/dsa-2072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/41174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1024723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/1877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/2491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2010/3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-06 15:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D249F86-E463-4AB1-BEEE-0828D5A2D761",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "700C0BB4-2272-4405-9D9A-A636E3D22461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFC82A8C-E561-4E35-A84D-66A4D6C90264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D346E48-887C-4D02-BFD3-D323B7F3871C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9C6150A-2DF3-4F7B-B024-0F3DBB686124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40192EE1-A300-42C3-BC98-286C9E5A281E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87291B27-442C-4CAB-94A1-67FC766486EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B04862-4377-422E-931A-B17FE1CA1884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B6730-F05B-4B62-B4DE-07C61A4924F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D22E40D-C362-49FD-924C-262A64555934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A48CEB4-5864-4A0F-B14C-CFE4699C3311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78957047-FB9F-4D1D-B3D9-91257A6B4D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A04DB52-C66C-4AA9-9D6F-9D2DC202C5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280033C5-90EF-4825-A87D-B23650D8C71A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1C154A-3869-4189-A781-D3071D54143F",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E76D03A3-DB55-48A2-B5A5-64002D28B95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EAC68CA-DCA3-4399-807D-E7AC67C9C3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA35C066-90A9-4DE2-A97A-38A6CFC59A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "462EEAD5-A78C-4381-847E-B6F1BE4CB379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E666A5E4-4CDD-4915-B0F3-C63998D01846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3F9D4D-2116-49A7-9292-AF6B4456E175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EAA90-B24A-45E7-B99F-DA3554A16F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "446F2959-C42B-403B-AE1C-BA7D305C60CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EC33AB-E92A-4AA8-A523-C341133BB515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53197903-0614-4460-8944-C1B5257D71A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F037B05F-6F92-4BE1-B672-F677CBEFD075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BFEAE8-0118-4548-A6EA-E90FA8FE7AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "42049891-38B7-4BB7-8DA5-A87169E2D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "07139DF7-C36B-4FED-8558-7FA49BE0BCFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0D7307-5946-45DC-88D3-6BC72EF50184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "89699BB6-9E41-41DC-B597-B45CA05313A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2786E370-6108-4695-B0A8-9F19D8E3C0C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D69FD9-F162-4623-A475-9FA7A3A6DF30",
"versionEndIncluding": "6.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBF029A-103D-4BB6-B037-25EC2224DF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D00C4D90-3697-4F3F-8FFF-FE63F3AD0DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35A717A5-60C2-4470-943E-CA53781D4B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8FBC02-7F2F-4AEF-A5A3-E283D192937C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29AA2B37-BF5F-4AC5-844D-34CF56EC621C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "07131E56-53EE-4CE1-A135-050792EA3C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86334051-8763-4CD9-9480-CAEAE756DFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66596F04-9C2E-4091-85A7-40239F3F920E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E831531-60FE-4DFC-994E-7409E6C69D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "4C1A275E-2152-4A37-8CFE-34E8900E3426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A688A2-3E9C-4AA3-832B-300A5A311C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89098CFF-4696-4BD9-9BC9-D7C2D92FE729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A30DFFE7-EB73-4A88-A23B-9B386C091314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6C230D-7BAA-4A77-9E96-B1B994F4AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0FE7C5-2C46-4B59-9242-A03B986C07DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5:*:*:*:*:*:*:*",
"matchCriteriaId": "37595A89-52C5-4699-A463-C9D91B91716B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "294B621F-6C1A-4571-AE13-49495680D255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF51A7F-59DA-4F64-A4F7-3A250C950D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA47458-E783-4A6A-ABF1-59E8D87E9B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D75ED54E-8E55-48BF-A52E-19FCCE895C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B53297E3-0C74-421B-8058-DAF7357D421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDEFCEF-F943-449B-91D8-A8CB290C7AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "97957D6F-0249-4814-8755-5C4537B58E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4408849A-21F1-40F5-A528-0BD47E1BF823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9938CB4F-96D1-4852-9694-28A93E13AA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB61760-87FD-4E60-ADC6-407EFA13773C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBDE6D5-7131-421A-BABE-32F281615597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA4FEF-FF8F-4706-89BC-8396F7614EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en un ioctl de hcmon.sys de VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE v2.5.1 y anteriores y VMware Server en sus versiones v1.0.x anteriores a v1.0.9 build 156507 y v2.0.x en sus versiones anteriores a v2.0.1 build 156745. Permite a usuarios locales provocar una denegaci\u00f3n de servicio (DOS) a trav\u00e9s de vectores de ataque desconocidos utilizando una vulnerabilidad distinta a la especificada en CVE-2008-3761."
}
],
"id": "CVE-2009-1146",
"lastModified": "2024-11-21T01:01:46.443",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-06T15:30:04.420",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021977"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6310"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-09 00:30
Modified
2024-11-21 00:52
Severity ?
Summary
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:esx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA6F7DC-90D0-40C4-A8CA-765125102DD3",
"versionEndIncluding": "3.5",
"versionStartIncluding": "3.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:esxi:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD59C463-F352-4F6C-853F-415E3FB4ABDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44A6CE08-8BAB-4BCC-87AE-FA433CD1AC67",
"versionEndIncluding": "1.0.8",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA8737EE-4163-4B99-873A-21FC9748087A",
"versionEndIncluding": "2.0.5",
"versionStartIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE92595D-2632-432D-A705-B1F21FA2AE4C",
"versionEndIncluding": "1.0.9",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFA048E-E58D-481F-BE83-FF26795A0F7C",
"versionEndIncluding": "5.5.8",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1598C125-3339-4917-BCB6-A7F361887E15",
"versionEndIncluding": "6.0.5",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en VMware Workstation v5.5.8 y anteriores, y v6.0.5 y anteriores, versiones v6.x; VMware Player v1.0.8 y anteriores, y v2.0.5 y versiones anteriores a v2.x; VMware Server v1.0.9 y anteriores; VMware ESXi v3.5; y VMware ESX v3.0.2 a la v3.5, permite a los usuarios del sistema operativo hu\u00e9sped tener un impacto desconocido mediante el env\u00edo de una petici\u00f3n de hardware que lanza una operaci\u00f3n de escritura f\u00edsica de la memoria, permitiendo una corrupci\u00f3n de memoria."
}
],
"id": "CVE-2008-4917",
"lastModified": "2024-11-21T00:52:50.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-12-09T00:30:00.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://kb.vmware.com/kb/1006980"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.vmware.com/kb/1006986"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32965"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1021300"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1021301"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/498863/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/498886/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/32597"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://kb.vmware.com/kb/1006980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://kb.vmware.com/kb/1006986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1021300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1021301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/498863/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/498886/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/32597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6246"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}